4qmvo (4qmvo) asked a question.
Hello,
Whats the proper procedure when you want to add multiple forests with IWA agents in each forest, but the user may need to access both. For example, user is a part of OLDDOMAIN.COM (which currently has IWA agents) and they at times will need to access NEWDOMAIN.COM (hope to have IWA agents).
I understand that this may be possible with the DSSO Custom URL that could potentially be used to redirect to the proper SSO. Is it my understanding that the users will enter in that new custom URL to then sign in to the NEWDOMAIN.COM?
Also tried adding the newdomain to existing okta client and it ended up taking the OLDDOMAIN IWA agents offline. In order to bring them back up had to take the new IWA agent offline and they came back up.
I apologize if this has been answered and I've tried to look at other posts but didn't see the answer I was looking for. Did see one post but it references a post that no longer appears active.
Thanks!
Did find this comment later which may just be the answer..
https://support.okta.com/help/s/question/0D50Z00008C3jdK/ad-agent-and-multiple-ad-forests