It is not uncommon to have multiple Active Directory sources to handle different types of accounts an individual user may have (their regular account, an admin account, a domain admin account, etc.). The current typical solution for this is to have multiple AD sources, but this leads to duplicate Entitlements (one for each of the AD sources).
Additionally, Active Directory groups are often synced to Entra ID through the Entra Connect tool, resulting in Entitlements being effectively duplicated between these two sources as well (with the Entra ID instance of the Entitlement actually being read-only as far as Entra is concerned, since it’s being synced from on-prem AD).
The idea here is to provide the ability to link (or correlate) Entitlements that exist in multiple Sources (this should be doable manually or by specifying a correlation attribute like a SID), and to provide a mechanism by which we can create Certification Campaigns for a group of these linked Entitlements. This would make it less confusing to Certifiers who may not understand why there are two (or more!) different Entitlements for the same security group in a Campaign.