AAA - Active Directory with user that resides in another domain in trust

Hi,

 

We have few domains and we expect to use an unique AD account to query the servers. So, we try to configure AAA server AD with an user that resides in a specific domain name.

 

I know its possible with LDAP setting, but we need some AD setting advantages, specially for password changes.

 

Example:

 

AD

 

Domain name: domain1.net

 

Domain controller: adsrv1.domain1.net

 

Admin name: user_bigip

 

AD

 

Domain name: domain2.net

 

Domain controller: adsrv2.domain2.net

 

Admin name: user_bigip@domain1.net

 

AD

 

Domain name: domain3.net

 

Domain controller: adsrv3.domain3.net

 

Admin name: user_bigip@domain1.net

 

The result is that the Big-IP tries to query the bind with user_bigip@domain1.net@domain2.net

 

With user name in old format (Domain\Username), Big-IP ignore back slash. e.g. domain1.netuser_bigip@domain2.net

 

Is it possible to do? Could you give me some direction?

 

Thanks in advance.