Using Multiple Realms vs Single Realm

If your organization uses only one authentication server, you’ll probably need to configure only one realm in AMC. There are other situations in which multiple authentication servers are required:

• Multiple user repositories—If your users are stored in multiple directories, you must create a separate realm for each one. For example, if your employees are stored on an LDAP server, while your business partners are stored on an Active Directory server, create a separate realm for each directory server.
• Chained authentication—For increased security, you can require users to authenticate to a single realm using two different authentication methods. For example, you set up RADIUS or a digital certificate as the first authentication method, and LDAP or Active Directory as the second one. To make the login experience for your users a one-step process, configure AMC such that users see only one set of prompts.