On 15 Jan 2014, at 16:38, Colleen Romero <[log in to unmask]> wrote: > Is it possible to implement SSO across multiple AD domains using Shibboleth? Hi Colleen, SSO to what? If you’re asking if the Shibboleth IdP can use multiple AD instances as a source of credentials, the answer is yes (through some JAAS jiggery-pokery for AuthN and through defining multiple data connectors for attribute gathering (as long as you don’t have identical user ids in the different AD instances as things get very confused then). Is that what you meant? Best, Rhys. -- Dr Rhys Smith Identity, Access, and Middleware Specialist Cardiff University & Janet - the UK's research and education network email: [log in to unmask] / [log in to unmask] GPG: 0xDE2F024C