We have multiple domains and forests in our environment, connected with two-way trust. We are in the process of consolidating all the domains into a single domain, single forest. Our on-prem AD objects are synced with Azure through ADConnect.
Our main domain is xxxx.pri. Right now we are moving all users and machines from the yyyy.com domain to xxxx.pri. We would like to retain the users' UPN @yyyy.com. When we add yyyy.com as a suffix in AD Domains and Trusts, the trust breaks between xxxx.pri and yyyy.com.
Users get the error below while connecting to xxxx.pri domain servers.
"The Security System detected an authentication error for the server. The failure code from authentication protocol Kerberos was “The name or SID of the domain specified is inconsistent with the trust information for that domain.”"
Name Suffix Routing shows a conflict with the yyyy.com domain.