It's fixed in 10.2.
on the second issue, where you want to set two identity stores (say Windows Active Directory for internal use and Built-in or a custom store for external use for example), we are still looking into this. At this point, a site can only be configured with one identity store.
Ismael
Hi Ismael Chivite
Circling back to this thread as this is still a problem we face with public deployments. Having the ability to setup multiple identity stores or authenticate users across a forest-trust model. There is an ArcGIS Ideas post submitted for consideration of support for an Active Directory Forest Trust model.
An alternative we have had to implement is to build a proxy protected in 1 forest that uses an account from the second forest. Users are authenticated to the proxy, then the proxy impersonates a service account that is known to arcgis server. With this though we cannot use editor tracking and cannot handle fine-grained control at the service level. I also question the security of that model as we continue to grant that service account access to more and more. Thanks if you have any input or update.