45 DBs * 16 groups/Domain/DB = 720 logins.
Each login maps to a DB user, which is a member of a db role.
The roles already exist, as do the DB users for the logins from DomainA.
I was hoping to be able to link the logins from DomainB to those existing DB users, which would save me 2 steps: creating DB users for DomainB groups, and linking those new DB users to their roles.
As I said, it's not so bad: I was able to automate it in the end.
And as long as I don't have to manage the groups' members, I'm happy.