I apologize for the complexity and wordiness of this issue in advance.
Due to the purchase of our company, by our (now) parent company, we have migrated all of our users from our original domain (let's call it OLDDOMAIN) to brand new accounts in corporate's domain (let's call it NEWDOMAIN). These domains are in different forests, but have a trust with each other. Keep in mind the migration for user accounts is complete, and we are currently employing the pre-existing OLDDOMAIN security groups in order to maintain file and print access. The way we did this was to change the established groups to Domain Local, then remove the members' OLDDOMAIN user accounts, and replace them with the members' NEWDOMAIN accounts. This was done in an effort to keep the groups from having 2 entries per user (1 for OLDDOMAIN and 1 for NEWDOMAIN).
My dilemma is that managers are constantly requesting that we copy an exisitng person's access to a new hire. When looking at the "Member Of" tab for each NEWDOMAIN account using the Active Directory Users and Computers tool in the NEWDOMAIN, we can only see the Security Groups the user belongs to in the NEWDOMAIN. Also, seeing as the OLDDOMAIN accounts were removed from the security groups, we have to open the properties of each and every group in the OLDDOMAIN and look for the NEWDOMAIN user account name. This is not feasible, at all, due to the sheer number of groups in the OLDDOMAIN.
My question is, "Is there any way to see which OLDDOMAIN security groups a NEWDOMAIN account is a member of without checking each OLDDOMAIN Security Group individually?" I can't seem to find a tool that will perform an appropriate query or populate the Active Directory Users and Computers tool with a cross-forest "Member Of" tab for user accounts.