When should you move the PSMConnect user to the domain?

Moving the PSMConnect user to the domain is critical when ActiveX is the connection method in a load-balanced environment. In such scenarios, the PSM (Privileged Session Manager) relies on specific configurations to ensure seamless connectivity across multiple servers. The PSMConnect user requires appropriate authentication and permissions, which are best handled within a domain.

Enabling the PSMConnect user on the domain allows it to authenticate against the Active Directory, thereby ensuring a stable and reliable connection to the target systems via ActiveX. This step is crucial in load-balanced setups because it facilitates effective resource distribution and minimizes session disruptions, which can occur if authentication is inconsistent.

In contrast, moving the user during routine maintenance, creating an SSL certificate, or establishing a new user session does not directly pertain to the issues of connectivity and authentication that are uniquely relevant to ActiveX setups in load-balanced environments.