Support for multiple active directory domains
Being able to connect to more than one active directory for single sign on would be an amazing feature. I have a setup where I have multiple active directory forests and MUST keep them separate and disconnected. I use multiple orgs and am enjoying it, but without being able to join to each active directory with single sign on, I am afraid user adoption of the portal will be minimal and not worth the effort. Please add this as soon as possible.
Lucas McCuistian commented
Yes, this would be very helpful. For our main domain, the SSO works well, but it is very confusing for anyone on any of our other domains as they essentially get 2 prompts to login to the portal, but the first one they have to cancel in order to get directly to the standard sign on screen for the portal.
Richard Eady commented
I know this Idea is a little old and maybe you have since figured something out but I thought I would share this.
I have our K1000 set-up and working with Multiple active Directory Forests using LDAP authentication and Active Directory Single Sign on and it works perfectly, has been for many years. I do have trusts in place between all of our forests which I believe is required to for this set-up to work.
I have not set it up with our K1000, but we also use ADFS SAML SSO with other Services and multiple Forests so that maybe an option as well, However this still requires trusts between the forests.
If you cannot have trusts between all of the forests consider setting up an additional Forest that has trust relationships with the other forests but negates the need for trusts between all of the other forests. I actually do have a resource forest that I have all of our Shared organizational resources in, Security/AV, ADFS/SSO, some SQL servers, Exchange.
This would be a great addition for us as well.