I've read this in one of the HCP manuals:
HCP accepts communications from Active Directory only on the [hcp_system] network. Therefore, if a tenant is configured to use AD for user authentication, that tenant must also be configured to use either the [hcp_system] network or an alias for that network for both management and data access purposes.
My understanding of the above is that I can create multiple HCP user networks (VLANs) but if those networks belong to different Active Directory domains and I want to use AD authentication to the relevant tenants/namespaces on those separate networks then I can't because all AD and data traffic will only use the 'hcp_system' network. Is that correct?
I have a management domain and a client domain. I ideally wanted to use hcp_system for management and another user defined network for the client access but I either have to use local accounts or reduce the networks to one and ensure the client domain is routable.