Greetings all.
We are currently in the process of an AD migration. Lets sat that:
1. DomainA is our current source domain
2. DomainB is our target domain
We currently have a two way, external, non-transitive trust between both domains. We also have DNS forwarders setup in DomainA, pointing to DNS servers in DomainB land. We have done some basic testing with ADMT, and are currently able to migrate accounts with SID history from DomainA into DomainB successfully.
Now DomainB users have a default UPN of user@domainB.something.net, but also have an alternate UPN which can be assigned which is user@domainB.com
What we would like to do, is migrate our users from DomainA into DomainB with SID history (We have this working so far), and then give them a UPN of user@domainB.com (which we tested after migrating with ADMT, we can set UPN as that)
Now what we need, is our users to sit down at a machine bound to DomainA still, and have the ability to login with an account that has been ADMT migrated, using the UPN user@DomainB.com
We have tested, and can login on a machine bound to DomainA, as an ADMT migrated user using only user@DomainB.something.net
So its allowing us to login to what our trusted domain is, user@DomainB.something.net, but its not recognizing the user@DomainB.com????
We bound a VM to DomainB.something.net, and can then logon OK with that ADMT migrated account as user@DomainB.com
So the alternate UPN of user@DomainB.com is only working on machines that are also bound to DomainB.something.net
Its obviously something to do with the trust, and how the UPN's are working, but I haven't figured it out yet.
Any help would be minty.
Cheers.