we need to configure the integration with Windows authentication of Portal for ArcGIS 10.6.1 with 2 or more domains at the same time (i.e. the configuration needs to take into account 2 or more domain configurations)
There is no indication in the documentation that 2 or more domains can be configured:
are 2 or more distinct domains not in the same forest
Can you tell us if this is possible?
Not too long ago we had a similar situation with new partners operating with multiple forests trying to access the same portal
It was technically possible to configure, given there was appropriate trust being configured between the forest/domains and using the GC's in each, but Portal would constantly complain that this was not happy about it in the logs.
The documentation used to indicate as such, though it now appears to be missing, but this is what it said:
Perhaps this is not the case any longer, but would be worth confirming with Esri.
When we did have it configured and working, after upgrading from 10.6.1 to 10.7.1 users in the forest for which the service account using in the Identity Store Configuration would one first load have a 60 second white screen delay when accessing the portal home page.
For this reason we migrated users to SAML and haven't looked back.
If your domains are in the same forest, I believe all they need is access to a global catalog to make IWA work.
Hope this helps!
thansk a lot for your support
best regards Angelo