Not sure if I get the question, but if you want to limit users to their
organizations according to their certificates, you can use certificate
maps. This can map certs to group-policies so that users can't use them
with other organizations.
**** please remember to rate useful posts