This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 62%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
My company split from ABC.com to XYZ.com few months back. Many of our applications, servers and portals are still there in ABC.com environment and still in planning stage to migrate in XYZ domain. Both the domains have separate Active directory servers, where we have created new User accounts (Instead of Migrate them) of few existing employees in XYZ.com. Now we have same user in both the Forest AD with different domain name for example, User1.ABC.com is authorize to access all the applications, servers and company portal of ABC domain. After Split instead of Deactivate in ABC domain and Migrate to XYZ domain, we create new account User1.XYZ.com in XYZ domain.
Now, when users from XYZ domains wanted to access resources in ABC domain, they have to use their ABC.com credentials and for XYZ domain they use XYZ Credentials. As it is difficult to remember multiple credentials every time, we propose them to setup trust relationship between these two domains. But doing so, one should have to identify User1.ABC.com permissions in ABC.com and assign same permissions to User1.XYZ.com for all the users.
Is there any way/tool, using which we can map same users from both the domains? For example, we will map User1.ABC.com with User1.XYZ.com. So that whenever User1.XYZ.com wants to access resources from ABC domain, he/she will simply provide XYZ credentials and access all the resources (only those resources on which User1.ABC.com has permissions).
Any suggestions are welcome.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi,
Based om my experience, there is not such a way to map the users .
In your situation, i would suggest :
1,Assign the same password to the accounts: User1.ABC.com User1.XYZ.com
2,Create a forest and assign the permission to the resource.
Best Regards,
Hi,
Welcome to share your current situation if there are any updates.
Please feel free to let us know if you need further assistance.
Best Regards,
Hi,
As this thread has been quiet for a while,
If this question has any update?
If you have any questions or concerns about it, please don't hesitate to let us know.
Best Regards,
Thanks for your help @Fan Fan
i found an alternate solution. where i can migrate User SID history attribute using ADMT tool to achieve this.
Hi,
I am glad to hear that your issue was successfully resolved.
If there is anything else we can do for you, please feel free to post here!
Best Regards,