Write the sIDHistory while migrating the Active Directory users from one domain to another domain-Ending with "Access Denied"
I am migrating the AD users from source domain to destination domain. I have developed the application in .NET. While migrating to maintain the ACL permission we need to migrate Source User SID to Destination user's sIDHistory. I have written code for it but it is ending with "Access Denied" I have tried adding sIDHistory manually as well; resulted in "Access Denied".
I have checked and set all needed prerequisites for it.
- PDC Emulator
- build trust in source and destination domain
- Added "Migrate sIDHistory" permission to destination domain Admin.
- Added Destination Admin to Bulit-In Admin group of source PDC domain controller.
- Enabled the Audit Polcies
Anybody faced same concern ?