My company has 4 child domains (representing 4 remote offices) in addition to the parent domain set up in Active Directory.
So, it looks something like this:
Parent: domain.com (This is my Base DN)
Each child domain has users that are not present on the parent domain (Base DN), which is the main office.
Attached is a screenshot of the set up I currently have on my LDAP tab (without specifics)
Any user registered in the Active Directory parent domain (BASE DN) can log into the Tiki with no problem.
Any user who logs in from any of my child domains fails to log in with a "Invalid password" message. I can reset the password, triple check it's being entered in properly, and the result it ALWAYS the same.
So far as I know, Tiki is not currently capable of authenticating against multiple domains (or multiple LDAP servers). The code could be modified to search, say, the global catalog for the user's DN and then authenticate against the corresponding domain, but this would be custom coding.
From novice to tech pro — start learning today.