https://community.cisco.com/t5/endpoint-security/system-manager-and-active-directory-authentication/m-p/5447573#M13276 <P>Does anyone have experience using System Manager to manage devices in multiple domains? We are getting started deploying system manager to our iOS devices and have run into a few hurdles.</P><P>First here is where we are. I set up a DC as our authentication gateway for our main domain. I was able to configure AD authentication so users are assigned as device owners and their exchange profiles are configured to iOS mail when a device is enrolled. </P><P>The problem is we have more than one domain we need to manage. When I go to enroll a device I must enter a username and password and can only authenticate users from our main domain.</P><P>I am going to try setting up another gateway on a DC from another domain as a test. </P><P>Until I get this figured out, I can't even deploy it to users from the other domains. </P> Thu, 22 Oct 2020 21:32:52 GMT AlmostAdmin 2020-10-22T21:32:52Z https://community.cisco.com/t5/endpoint-security/system-manager-and-active-directory-authentication/m-p/5447573#M13276 <P>Does anyone have experience using System Manager to manage devices in multiple domains? We are getting started deploying system manager to our iOS devices and have run into a few hurdles.</P><P>First here is where we are. I set up a DC as our authentication gateway for our main domain. I was able to configure AD authentication so users are assigned as device owners and their exchange profiles are configured to iOS mail when a device is enrolled. </P><P>The problem is we have more than one domain we need to manage. When I go to enroll a device I must enter a username and password and can only authenticate users from our main domain.</P><P>I am going to try setting up another gateway on a DC from another domain as a test. </P><P>Until I get this figured out, I can't even deploy it to users from the other domains. </P> Thu, 22 Oct 2020 21:32:52 GMT https://community.cisco.com/t5/endpoint-security/system-manager-and-active-directory-authentication/m-p/5447573#M13276 AlmostAdmin 2020-10-22T21:32:52Z https://community.cisco.com/t5/endpoint-security/system-manager-and-active-directory-authentication/m-p/5447574#M13277 <P>Just spin up a separate MDM network per each domain. We have four in our tenant with different authentication methods.</P> Fri, 23 Oct 2020 08:44:16 GMT https://community.cisco.com/t5/endpoint-security/system-manager-and-active-directory-authentication/m-p/5447574#M13277 T14 2020-10-23T08:44:16Z https://community.cisco.com/t5/endpoint-security/system-manager-and-active-directory-authentication/m-p/5447575#M13278 <P>Thank you! That makes so much sense. I knew I was just looking too closely at it. </P> Fri, 23 Oct 2020 13:31:21 GMT https://community.cisco.com/t5/endpoint-security/system-manager-and-active-directory-authentication/m-p/5447575#M13278 AlmostAdmin 2020-10-23T13:31:21Z