Showing results for 
Search instead for 
Did you mean: 

Single realm versus multiple realms


Single realm versus multiple realms

Im creating a sign-in page and I have 2 option:

1. Create multiple realms and let users select a realm from the drop-down list before signing in.

2. Create a single realm (which won't show in the sign-in page). I'm using active directory LDAP and using expression to identify the user.

Which method are you using or recommend? I found option 2 take longer to authenticate, is it because I'm using 'expression' to identify the users?
Frequent Contributor

Re: Single realm versus multiple realms

Displaying / selecting realms has nothing to do with quering backed LDAP server, should not cause a delay.

If you have a requirement where users must select a realm before authenticating then option 1 is good.

Else you can also create multiple sign-in pages and assign individual realm to the sign in page, users will then need to hith the right sign-in URL.

Respected Contributor

Re: Single realm versus multiple realms

whichever works best for you and the specific realm you are configuring. i have seen instances where option 1 is used, others with option 2, and sites that do both, depending on the user need.


Re: Single realm versus multiple realms

In my eyes that depends on how the users work with the SA.
A rough guideline for me is....

Are there users which has to alternately login to differnet realm?
=> Sign-In Page/URL with Realm Selection.
This would make it easier for the users to switch between the realms

Are the majority of the users login to one specific realm?
=> Sign-In Page/URL with single realm for that users.
This reduces the number of users which could choose the wrong realm => Reduced work for the helpdesk :-)

Do you have multiple realms for the users, but each users always only login to one of this realms?
=> Sign-In Page/URL for each realm.
In my experience it seems to be easier for a user to distinguish between URLs rather than realms.
So telling him he has to go to "" to login is easier than telling him to go to ""
and choose the "sales" realm.

Are there technical reasons for multiple domains (e.g. users has to choose the domain he wants to login in)
=> Try to find a solution to accomplish this with a single realm.
According to Murphys Law the effort for this is considerably lower than to explain the user which realm to choose Smiley Very Happy

Frequent Contributor

Re: Single realm versus multiple realms

your LDAP AUTh make sure you have search nest groups in server cat. not all nested groups.

Sonic Boom_
Not applicable

Re: Single realm versus multiple realms

in my setups i have done sign in to one realm for my main users, (corporate). and vendors i would give them a /vendor realm, i would also place a link for MAC users to go to /mac on the default sign in page under the disclosure, (remember the sign in page accepts HTML), this way the only users that needed to know a seperate link are vendors, all the rest go to the site and get what they need from there. just a thought.

Regular Contributor

Re: Single realm versus multiple realms

sorry about the user name, i am not a new user, it was just being merged as i posted a reply
Respected Contributor

Re: Single realm versus multiple realms

This is probably the cleanest way to give different options for users who may need something than the default; you can even opt to give out only the default and then let users choose where they want to go from there based on link(s) you post on the system.