We have a Win2k8 r2 domain named domain.local (domain1). Recently we partner with another company who uses domain.tld (domain2) as their ad domain name. Their wireless users use their AD radius server with ssl cert doman.tld to authenticate to the wireless network. We are migrating partners ad into our, but since it's not possible to purchase SSL certificates for internal AD domain names (.local) any more we would like to re-use their radius server with the existing ssl certificate, so my questions are:
1. Is it possible to add additional AD alias (domain.tld) to domain.local so that ssl could be used once users from partner company log on with their new username email@example.com?
2. Would users log on using existing domain alias domain1\username or using the UPN?