Enterprise admin group

[Guest]

I am a member of the "Enterprise Admins group" But appear to only have
authority in the root domain. I can manage sub domains DC's but have no
authority on sub domains member computers. I need to be the "Administrator"
for all domains. The previous domain admin had a local account to each
domain. I don't believe this is the solution. Any ideas would be most
appreciated.

Thanks in advance

 

[Simon Geary]

For the Enterprise Admin permissions to flow effectively throughout the
forest you must ensure that the Enterprise Admins group is a member of the
domain admins group in each domain. Furthermore, you must have the local
domain admins group as a member of the local administrators group on each
domain member. You can use Group Policies Restricted Groups setting to
enforce the latter.

 

[Guest]

All of the Domain Admin groups are "Global" groups. I can't add the
Enterprise admins group nor any other "non-local" accounts or groups to them.

 

[ptwilliams]

You need to add yourself to the domain admins group in each domain.

The domain admins group should be a member of the local administrators group
for all domain members (domain-specific mind, hence the reason you need to
be a member of each domain's domain admins group).

--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

All of the Domain Admin groups are "Global" groups. I can't add the
Enterprise admins group nor any other "non-local" accounts or groups to
them.