We run a private cloud environment for multiple clients. We have a resource domain that provides access to shared applications such as Citrix, Exchange and VDI. The clients are segregated from each other with their own user domains that have a forest trust to the resource domain.
I'd like to do away with these trusts. They are difficult to maintain and create firewall Swiss cheese. I'm looking for a solution that can communicate with each user domain's AD and provide authentication to the resource domain's applications. I've been researching password synchronization, Enterprise Single Sign-On, ADFS and RADIUS solutions but haven't quite found what I'm looking for. Has anybody got close to achieving this or have some other buzzwords for me to investigate?