it seems that issue is with the Account permission from which you are trying to move. Can you please check on the both domains for the account.

please move your FSMO on destination server on which DC you are trying move this user.

Specially RID master.

@Gaurav Singh
It is already an enterprise admin

@Amit
I am trying to move the a user from child doman DC to a DC in root domain which is the FSMO holder as of now.

so does Child domain controller is hosting FSMO role in case you have ADC of child dc.

@Amit
I didn't understand the above

I was meant to RID master role hosting child domain's DC.

Have you tried moving the user, using Move Tree command line? If not please try the link for more info.

https://support.microsoft.com/en-us/kb/238394

Another thought is this; try removing the group membership and associated GPOs for the user .

Also make sure the user was not in account locked out state, if so reset the password and try.

Zac.

@Zac
I am not familiar with movetree

This is a production server

I found something today. When I run command "netdom query fsmo" from child DCs I am getting warning.

C:\Users\Administrator>netdom query fsmo
Schema master               *** Warning: role owner is a deleted DC: CN=NTDS Settings\0ADEL:584a2306-cca1-41fe-8443-5b4ecbe424f1,CN=MYDC01,CN=Servers,CN=mycompany,CN=Sites,CN=Configuration,DC=domain,DC=edu,DC=kw
Domain naming master        *** Warning: role owner is a deleted DC: CN=NTDS Settings\0ADEL:584a2306-cca1-41fe-8443-5b4ecbe424f1,CN=MYDC01,CN=Servers,CN=mycompany,CN=Sites,CN=Configuration,DC=domain,DC=edu,DC=kw
PDC                         MYDCCO-DC-01.domain.com
RID pool manager            MYDCCO-DC-01.domain.com
Infrastructure master       MYDCCO-DC-01.domain.com
The command completed successfully.

It is pointing to a deleted DC. If I run from root domain it is listing new DC.

I am not sure how to make the child DCs pick the new schema master and domain naming master

Thanks to all