Our domain is trusting an exernal domain (not in the same forest) and we need to add an account from the external domain into the domain admins group of our domain.
I understand that the Domain Admins group is a global group so we cannot add accounts from other domains into it but I have seen several workarounds on the internet, but none of these seem to work in our situation.
I raised the functional level of our domain to Windows 2000 Native to enable the Universal groups but found that this didnt help either.
I tried creating a universal group and a domain local group, but I cannot add either of these to the Domain Admins group and only the Domain Local group lets me add accounts from the external trusted domain...
Any ideas on how to go about this?