Are you using EAP-PEAP or EAP-TLS?
If EAP-TLS are you looking "authenticate" certificates from both domains and then "authorize" with the username on the certificate after that?
What is your workflow?
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
HPE Design and Deploy Guides:
https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card------------------------------
Original Message:
Sent: Aug 05, 2022 04:33 AM
From: house gregory
Subject: Adding secondary AD to Auth Source but can not make it trusted without certificate
Hello,
We have two different forest and two different Domains. We want to add secondary AD to the Auth source of a new service. The Clearpass joined both AD's but we couldn't add the second certificate without overriding the first one. And without certificate clients are not trusted. I am wondering how to make clearpass trust the second AD without adding the certificate? Thanks.