I'm handling a NAC (CAS and CAM ver 4.5) to be implemented to a network on production. The network has two working AD servers, one acting as back-up. We want to configure the NAC to be able to run ADSSO even if the active AD fails, so we configured NAC to run ADSSO on multiple servers. I followed the documents, run ktpass for multiple ADs, installed kerbtray to see Kerb tickets, but still I'm puzzled of the problem. My CAS shows the the ADSSO service is already started, but my workstation cannot perform Single-sign On. After the "performing AD authentication" window, the agent then reverts back to as a local account. Please help guys. I'm willing to share other details about this. Thanks.