Forum Discussion
Stanislas_Piro2
Apr 25, 2016Cumulonimbus
Hi,
You can request global catalog to know which Domain request.
- create a AAA LDAP server with Global catalog servers (port 3268)
- create a LDAP query between Logon page and AD Auth
In LDAP query branches, use following expression to split tree for different domains:
expr {[string tolower [mcget {session.ldap.last.attr.dn}]] ends_with "DC=company, DC=local"
or
expr {[string tolower [mcget {session.ldap.last.attr.dn}]] contains "DC=company" }