I have two domains/forests set up. Two way trust, verified in both domains. Each domain member server has their respective DNS search order suffixes set up. Communication is not a problem. I have done many SID translations and migrations so far without too much problem.
However, ADMT is failing to authenticate to a server in the old domain because it is getting 'access denied' on the admin$ share. This is usually quickly resolved - check to make sure ADMT user is a member of the local administrators group, check DNS suffix search order is correct, etc.
I have verified all these things and it is still proving to be a problem. The reason appears that when I am on the ADMT (new domain DC), and I UNC to the Admin$ share (or any other test share that I set up, non-administrative, for that matter) - I am prompted for credentials and greeted with an initial (access denied) requester dialog.
It appears if I enter an administrative account here now from the old domain (same domain as the target server) - it works. But it's failing to pass the new domain (ADMT user) across the trust and to this server.
Whether I try to UNC to the simply the servername or the FQDN\share - it still prompts with the access denied/enter credentials box.
Is there anything I may have missed?
Thnx