Will Users of Intermediate CA1 trust Users of intermediate CA2?


I have my own CA(CA) and 2 intermediate(ICA1 & ICA2) CA’s(generated using the root CA).

Using ICA1, generated a server cert(for server S1) and 2 user cert(for user U1 & U2).

Now, user certs is distributed to the user-U1 & U2(including chain trust ICA1 & CA) and they are able to successfully connect to S1.

Similarly using ICA2, generated a server cert(for server S2) and 2 user cert(for user U3 & U4).

Now, user certs is distributed to the user-U3 & U4(including chain trust ICA2 & CA) and they are able to successfully connect to S2.

Since the chain trust is distributed and both have same root CA. Can User – U1, U2 connect to S2 and User – U3, U4 connect to S1 ?

If they can, I want that User U1 and U2 can’t connect to S2 and User U3, U4 can’t connect to S1.