We need to replace our Steel Belted RADIUS servers with another solution.
We have two domains in separate forests, and there is a 2 way trust between the domains.
With our current RADIUS setup, I can specify multiple AD groups that I want to allow to authenticate. One group contains users from one domain, and the other group contains members from the 2nd domain.
Right now, both can authenticate without having to enter Domain\username. They can authenticate using only the "Username", regardless of which domain they are in. I'm not sure what happens when there are username conflicts and which domain would win.
I'm trying to replicate this same behavior with the Microsoft RADIUS solution. Has anyone done this same thing and if so, how did you configure it to not need a domain prefex before the username (Domain\username) for multiple domains, not just the domain that the RADIUS server is a member of?
Thanks