I’ve setup PI security in association with WIS on many systems but this one stumps me. Security is fully setup. I have a user which is a PI Administrator and belongs to the active directory group mapped to the PI Administrator identity. When logging in using SMT on a machine that is not the PI Data Archive Server the account validates (authenticated) and then given PI Administrator role. When logging in with SMT on the PI Data Archive Server he is given a trust (which I setup for local applications) which utilizes a different PI Identity. So I setup SDK to only validate WIS to allow access on the PI Data Archive Server. This validated that he is not getting authenticated or authorized on the PI Data Archive Server. Has anyone seen this behavior where a connection (user) is validated from a machine other than the PI Data Archive Server but on the PI Server, that user is not validated, utilizing the same application (SMT, PI-SDK).