<div>
No. The domain administrator is also a local admin. But the local admin is not a domain administrator. So everything is still secure.
</div>


No. The domain administrator is also a local admin. But the local admin is not a domain administrator. So everything is still secure.

<div>
<div class="content wysiwyg-content">
As I understand , once we join a computer to domain , the domain administrator group will be added into local administrator group . <br />
<br />
So, by then the local administrator can act as domain administrator to manage all the domain setting including domain GPO ?? &nbsp;Am I right ??? Please confirm .<br />
<br />
If I am right, then the branch office administrator ( local administrator ) can &quot;control&quot; head office domain administrator jobs ???
</div>
</div>


As I understand , once we join a computer to domain , the domain administrator group will be added into local administrator group . 

So, by then the local administrator can act as domain administrator to manage all the domain setting including domain GPO ??  Am I right ??? Please confirm .

If I am right, then the branch office administrator ( local administrator ) can "control" head office domain administrator jobs ???

Domain administrator group add into local administrator group

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

The Microsoft Legacy Operating System topic includes legacy versions of Microsoft operating systems prior to Windows 2000: All versions of MS-DOS and other versions developed for specific manufacturers and Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions, and Windows Mobile.