Current scenario: single forest, multiple child domains and one tree domain. Office 365 in use, Azure AD tenant in place.
Requirement: separate the tree domain into a separate AD DS Windows forest (latest version), migrate the applications and servers to AD DS on premises, and migrate users and computers to the Office 365 Azure tenant.
Queries: how to maintain user access to server resources and applications, and how is SID history maintained?