Hi, my lab consists of the following
test.local <---- One way trust with selective authentication SID history disabled--contoso.local
child1.test.local
forest and domain functional levels are 2012r2 all servers are 2012r2
I got a fileserver (FS1) in contoso.local with a share shared for U1@child1.test.local die user has the right to authenticate on FS1.
I tried to access the share before migration(U1@child1.test.local --> FS01) and it worked. Now I migrated the user to contoso.local. The sid history field is populated with the old SID. I tried to access the share again (U1@test.local --> FS01) and it still worked!
I would suggest that SID filtering would filter out the field SID history of the User U1@test.local. As soon as the user tries to authenticate over the trust. What am I missing here?