IAS RADIUS server in root domain servicing RRAS clients in subdomains

According to Transcender (Exam 70-297) you can have an IAS RADIUS server in
a root domain servicing RRAS clients in subdomains.

Specifically, the scenario is that you have a head office and other branch
offices that are subdomains of the head office domains. RRAS servers exist
in all branch offices. The business objective is that RRAS servers should be
administrered by local IT staff but RRAS policy should be determined
centrally in the head office. The correct Transcender solution is to place
an IAS server in the head office that will act as a RADIUS server for the
various RRAS servers.

The problem that I have with this is that I do not understand how the RADIUS
server in the head office (root domain) is going to access the Active
Directory account information for users dialling in to the local office
subdomain? How can this server authenticate users in a different domain?

Any assistance would be much appreciated.

TIA

eddiec

 

Aha, but the parent domain by default in AD establishes a two way trust with
the child domain so therefore Transcender are right that the RADIUS server
in the root domain would authenticate users in the regional offices.

eddiec

 

hang on let me think no one wont to listen