My current setup is as follows:
source.local --> target.com
(SIDHistory included in migration - SIDHistory enabled on forest trust)
source.local <--> target.com
(SIDHistory included in sync job - SIDHistory disabled on forest trust)
This works as expected. target.com users can access source.local resources and I can see the SIDHistory attribute value in the target.com account.
I now have a scenario source.local users need to be enabled and will need to access target.com resources. This doesn't work with the current setup. There is no SIDHistory attribute value populated in source.local account even though I have checked the SIDHistory option in the sync job settings (which is a 2-way sync).
1. I haven't enabled SIDHIstory on the trust for that direction yet - does it stop the SIDHistory value being populated, or does it only sotp it from being used.
2. Does the SIDHistory option in the sync job only apply to source -> target direction (even though the sync itself is two-way). If so - do I need to migrate the objects back (instead of sync).