ISE 1.4 patch 6 cannot authenticate machines on bidirectionally trusted domain

Hello, hope someone can help me to figure out what's happening.

This is the situation:

We recently migrated from ISE 1.2 to 1.4 and had no problems, with the only exception that the system couldn't retrieve the SIDs of some Active Directory groups which belonged to two different domains, let's say domain2 and domain3, which are bidirectionally trusted with Domain1 (the domain on which the ISE nodes are registered). Not a big problem, as we manually set those values and authentications all went OK.

Now we patched the system with patch 6, and as soon as the patch was applied the authentications for domain 2 and 3 are no longer happening, as the system reports the machine cannot be found at the join point. Lots of errors are arising on the dashboard saying domains are not available and DNS is not reachable; the domains in the forest are OK and not "unusable".

Of course DNS is reachable and the setup is still the same as it was on ISE 1.2 and on the fresh ISE 1.4 upgrade (before installing patch 6).

Now the whole deployment is rolling back to uninstall patch 6; I just wanted to know if someone has had this issue and possibly how to solve it.

P.S. At this time the nodes have visibility of the domain controllers of domain1 (should we open it to the other ones?)

Thank you in advance for any hint, advice or suggestion.

2 Replies

Hello Giuliano,

You can try to troubleshoot the issue with the Diagnostic tools on ISE Active Directory page.

We did try, but no success.

We solved it by adding two new AD realms and joining the nodes to those newly created.

The problem:

ISE was sending wrong credentials to domain1: correctly with host/XXX.domain2, but the RPC call was done with xxx$@Domain1!!!!

Rewrite rules were useless in this case.

Note: rollback didn't solve it:

1.4 ok

1.4 patch 6 > Problem

1.4 rolled back from patch 6 > same problem