How to prevent Domain Admins from being denied access to network folders?
Solution 1:
This seems more like a management issue than a technical one. Taking ownership with a script or trying to block the few people that would ever play with permissions is more trouble than I think it would be worth.
In the past, we've made personal folders completely inaccessible to domain admins, but there are inevitably times when people call up and ask "can you check something in my personal directory?"
So we follow a policy that admins have to be able to read everything (with a few exceptions). If we ever come across a folder where someone has blocked admin access, we find out why, explain why we think it's better that we have access, and we change the permissions back to our default. If it happened while we were tracking down a problem, that's why we have the policy: so we could simply take control at the time and sort it out later.
Solution 2:
on option you could deploy is simply hiding the permissions tab through group policy. It won't stop a really creative user, but it will quickly weed out the majority that might tinker around. other that that, there's no need to worry about owenership so long as the admins have full control. As mentioned, you can always take ownership.