one of the client setup there is one AD root server(GA) and 32 child domain.all child domain is having multiple Active directory and all works in active-active, this child domain is also configure as a GLobal catalg server and its also serving the client. All the child domain GC are synchronised with root Global catalog and root is having information of all the 32 child domain object. We have configure Root Server in Clearpass for AD authentication.
If one child domain is down then all the users related to that child domain is not able to autheticate. The object is there in root but the related child domain is down.
I need the info that how the Authentication flow happen in clearpass with root? Is the authentication packet from CPPM also Querying child domain as well.
If any one have CPPM to AD communication authetication flow document please share
For single forest and for multiple forest as well