I have a customer with multiple Microsoft ADs.
And I need to get EAP-TLS working for client in all ADs.
Each AD has it's own CA.
We will do machine authentication.
We have a Cisco Secure ACS server to handle the authentication.
My question: Is it possible to have the ACS authenticate clients with certificates from various ADs/CAs?