At 11:13 AM 7/10/2003, you wrote:
http://www.ISAserver.org
Hate to disagree with you, but domain admins DO NOT have total access across the forest, only the Enterprise Admins do, the members of the Enterprise Admins are responsible for creating and managing the forest which includes any child domain that is created from the ROOT Domain, then assign Domain Admins to existing Child domains
using the Domain Admins group in each respective Child Domain, in fact when nested domains are created the type of trust is known as a transitive trust relationship, rights are recognized between domains but MUST BE GRANTED First, so the only way the admin of Domain B would have rights to the ROOT domain is if the Enterprise Admin granted it, this goes for all users in each domain in the forest. Sorry ...
Let me reword it...
I should have been more clear in the way I said it...
Thanks!
t