You should add clearpass to all domains that you want to authenticate to. If you have multiple SSIDs, you can use ClearPass to first check what SSID the user is authenticating to and then only check the user's credentials against the domain that corresponds with that SSID.
If you have a single SSID for all users in all domains, you need the following:
- All users in all domains must trust the Clearpass radius certificate
- ClearPass must be joined to all domains correctly and be able to reach domains controllers in all domains. This means that DNS must be able to resolve resources from all domains
- All clients must be configured correctly to connect to that single SSID.
**Consolidating multiple domains into a single SSID involves alot of work and typically you should try to maintain whatever connectivity that exists and then migrate to a single SSID later.