Different policies for same usernames in different domains

Is there a way to apply separate policies to same usernames but in different domains?

Policy 1 for user jjones in domain abc.com
Policy 2 for user jjones in domain xyz.com

Hi @willd44, no this is not possible in Duo today because you cannot have duplicate usernames in Duo. You could protect two domains in separate namespaces, such as abc.com and xyz.com as you’ve shared here, by using a separate ad_client section and a separate radius_server section for each domain OR configuring the Duo Authentication Proxy to use duo_only_client for primary authentication. However, usernames must be unique in your Duo account amongst all users. You cannot have two users with the same sAMAccountName in Active Directory either. The only way around this would be to rename one of the user’s sAMAccountNames in AD to something unique. Then you could have separate policies for them as well. I hope that helps!