If you enable domain awareness, access to the Message Brokers Toolkit is not restricted to users from one Windows® domain.
The Configuration Manager is always domain aware; when a Configuration Manager on Windows receives user information, it verifies the user's domain membership.
You can configure the Message Brokers Toolkit to send domain aware information about the user to the Configuration Manager, if required. If the user is logged on to a Windows domain and the Message Brokers Toolkit sends domain aware information, the Message Brokers Toolkit sends the user's domain membership information and the user's ID. If the user is not logged on to a Windows domain, the Message Brokers Toolkit sends only the user's ID and the computer name.
If you enable domain awareness, users from different Windows domains, who are either trusted by the primary domain, or in a Windows transitive trust relationship, can perform Message Brokers Toolkit tasks, provided that they are in the correct user role definition groups or object level security groups.