Hi @
The sidHistory attribute is a system control attribute, changing the permissions on the attribute will not grant you rights to add new SIDs, you will only be able to remove existing SIDs. You can only add new SIDs using the DsAddSidHistory function, this function has a number of prerequisites that must be met for the function to be successful.
The details of the prerequisites can be found here - https://learn.microsoft.com/en-us/windows/win32/ad/using-dsaddsidhistory
You could also use the SID History bulk option in NetTools, which will validate that all the prerequisites are in place and manage sidHistory values - https://nettools.net/sid-history-bulk/
Gary.