Hi everybody.
I've got a problem while migrating my domain ressources to another one.
Source domain is A.local (Windows 2008 R2). Target is B.com (Windows 2016).
There is a trust between the two forests, bidirectional and transitive.
I use ADMT to migrate users and groups. While migrating these objects, I check the "Migrate SID History" button.
Before that, I have desactivated the SID filtering between my forests with this command :
- from the source domain : Netdom trust A.local /domain:B.com /enablesidhistory:yes /usero:administrator /passwordo:*
- from the target domain : Netdom trust B.com /domain:A.local /enablesidhistory:yes /usero:administrator /passwordo:*
When I try to access a share from the target domain, with a user who have share and security permissions, there is an
error. I cannot access.
If I modifiy the share settings to allow access to everyone in the source domain, access is ok for my user in the target domain.
And more, If on my source domain share, I put share permissions to the target user (or group), it's not working. If I do the same thing in the target domain, putting share permissions to the source user, everything is working fine.
I've disabled / enabled SID history and SID filtering, nothing changed. Same things after broke and new creation of the trust.
I have checked the user account in the target domain, the SID history is correctly written in the users attributes.
No firewall or AV software on any DC.
Does someone have an idea?