Using "Active Directory Users and Computers" for a different domain
The "poor man's domain trust relationship" seems to do it for me.
I'm having no problems using "Active Directory Users and Computers" to administer accounts in a domain untrusted by my laptop computer (which is, itself, not a member of any domain) by creating a local account with a username and password that matches a user that's a member of "Domain Admins" in the domain to be managed. I'm launching ADU&C with "Run As" and supplying the alternative credential.
That same method ought to work fine for your first scenario, as well. Try it and see.
(My laptop client is running Windows XP Professional SP3 and the test domain controller is running Windows Server 2003 Standard x86 R2 SP2).
My laptop is joined to a DOMAIN1. I can perfectly manage DOMAIN2 with this command. I did not have to create any local account. DOMAIN1 and DOMAIN2 are completely different controllers. No trust relationship exists.
The command is:
runas /u:DOMAIN2\Administrator /netonly "mmc %windir%\system32\dsa.msc /server=DOMAIN2"
You will be prompted for Administrator password. Hope this helps.
It has been a while since I've had to do this, but I've had good luck mapping a drive to one of the DC's in my target domain using a Domain Admin user. Then launching ADU&C and attaching to the target domain. It inherits my domain credentials. Otherwise, Evan's method would be the 'seamless' method.
Use the Credential Manager / Vault (search for it in start) to add a Windows credential for the AD server. Be sure to specify the username as DOMAIN\User. This worked for me just now. [This thread was a top search result but did not have a working answer for me, so I posted despite it being many years old...]