Source 2003 R2 domain HQ and target 2008 R2 domain AD are in separate, external forests that have a working two-way trust relationship. I've installed ADMT 3.2 on a member server in AD and also installed and configured PES in HQ. Migrating HQ\TestUser to AD with ADMT 3.2 seems to work OK, and the ADMT log contains the line "SID for HQ\TestUser added to the SID History of AD\TestUser".
But AD\TestUser gets an "Access is denied" error when trying to access files in HQ that HQ\TestUser owns and has Full Control permissions for.
What could be the problem? How can I diagnose it?
Thanks for your attention!