I am in the process of consolidating a lot of separate Active Directory domains into one child domain of our international corporate structure.
Previous migrations have been smooth, but I've hit a new issue with file shares/servers with the current two migrations I'm handling.
In the past, we've first migrated Groups,after that then Users and their computers in small groups. Once all the small groups have been completed, we migrated the file servers as a last step. Throughout the process users/computers that had been migrated to the target domain had zero problems accessing files and shares residing on servers still in the source domain.
Now, with two separate locations, we've migrated a group of test users to the target, and they are denied access to shares in the source domain. If we manually add the migrated target groups or users to the ACL of the shares in the source domain, they are able to access normally.
The biggest difference currently is that the previous migrations brought NT4 domains over to 2003 via ADMT 3.0. We are now migrating 2003 domains over to 2008r2 targets via ADMT 3.2.
About to setup a test file server to see what happens if we migrate it first, but it will take some time to get the resources in place for that.