Authentication: Routing Authentication per Domain
It's important to have a chance in big customers the chance to route authentication process in base of domain name. it would an improvement about what there is already available. Example: firstname.lastname@example.org will be authenticated by radius on server1; if authentication fail, email@example.com will be authenticated by Active directory on server2. ecc.
Very efficient in big environment.
Also should apply if using many ldap server connections with different base dn's and users using User Prinical Name (so it can be matched).
This is also important when a server cannot be contacted as the default timeout is 10 seconds (for each server that cannot be contacted in the list).
Another reason to evaluate this feature request is due to in case of an ASG installed in front of several Active Directory controllers or Radius Servers, etc, each failed authentications (because the user that the ASG is trying to authenticate doesn't belong that AD or Radius server) let the administrator know information about credentials that would better to keep reserved. ISP, even small, need it.
this feature is getting request for endusers that have a lot of incoming connections by Vpn roadwarriors (Remote Vpn) and that have 3 or 4 back end systems to authenticate users, such as hospitals that have remote access for suppliers (that are configured on a dedicated backend system), doctors, employees (that are on other backend) and Students