Users from two different LDAP Domain trees need to access Performance Center.
When configuring the LDAP integration only a single Search Domain value can be entered.
When doing this, if users in a different LDAP Domain tree attempt to log in they are faced with a message about invalid user access.
In the Performance Center SSOService.log files we see messages like this for the same users failed log in attempts.
2020-11-25 09:30:00, Product Code: pc, Username: <UserName>, Remember Me: false, SSO version: 7.0, Remote Host: <IP_Address>, Redirect URL: http://<PC_Host>:8181/pc/desktop/page, Error Message: Unable to authenticate user.
All supported Performance Management releases
The user is not in the defined Search Domain tree in the LDAP configuration.
In order for this to work with Performance Management we have two paths to choose from.