It is possible to configure SAML for only one domain and just LDAP for different domains in PAM

Release : 3.4.x

Component : PRIVILEGED ACCESS MANAGER

Yes we can have the solution configured for SAML and regular LDAP access.

When importing the users -> via our import wizard you have various different options:

So you will have to import the users that will sign-in via SAML to domain AAA.COM  and the other domain you would just import them as LDAP.