Does anyone know of a way to [effectively] have a user or group in one forest acquire the privileges of the Domain Admin group in another forest?
The obvious approach of adding Domain Admins@OneForest into Domain Admins@OtherForest isn't an option, because the Domain Admins group is a Global group (and thus can't have members from other forests, due to the scope of Global groups).
You can add the Domain Admins@OneForest group into a domain-local group in OtherForest, but then you can't add a domain-local group as a member of a Global (or Universal) group, which seems to result in something of a dead end using this approach to the problem.
I came across something of a partial workaround (which, having typed it out, I'll put as an answer to unclutter the question), the problem being that it provides Administrative rights on domain computers, but not the domain itself - for example, it doesn't allow the cross-forest account to edit GPOs.
The other approach I've considered, and had basically no luck in researching, is to replicate/clone/duplicate the Domain Admins group (but as a domain-local group, so it can accept members from another domain), but I can't seem to locate a resource on what permissions this cloned group would need, and to what resources. Seeing as how it's not a trivial task to determine what permissions a given Active Directory group has, I was hoping there would be some Microsoft documentation on what permissions the built-in and default groups have, but all I can find are the descriptions of their permissions, which do me no good in trying to configure another group to match.
Long question short, does anyone know how to apply domain admin privileges in one forest to an account from another forest?
What I've discovered, that I'm hoping someone else can beat (by having these rights applied to existing objects), is:

Add the Domain Admins@OneForest group to the Builtin\Administrators@OtherForest group. This provides administrative rights on OtherForest domain computers, and administrative privileges on the domain controllers for OtherForest.

OtherForest and add the Domain Admins@OneForest group to it as members.
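The following PowerShell script is an added example, not part of the question or the answer above. It illustrates both posts: the group-scope constraint raised in the question (Domain Admins is Global, Builtin\Administrators is DomainLocal), the nesting workaround from the answer, the "clone as a domain-local group" idea, and a defender-side audit that lists which members of OtherForest's privileged groups actually come from another forest. The forest names oneforest.example and otherforest.example, the group name OneForest-DomainAdmins-DL and the function Get-ForeignPrivilegedMembers are placeholders chosen for this example; it assumes a working forest trust with name resolution in both directions and that the account running it is an administrator in OtherForest.

```powershell
# Added example (not from the original post). Forest FQDNs and the new group name are placeholders.
#Requires -Modules ActiveDirectory
Import-Module ActiveDirectory

$OneForest   = 'oneforest.example'    # placeholder: forest whose Domain Admins need rights
$OtherForest = 'otherforest.example'  # placeholder: forest that must grant the rights

# 1. Why the obvious approach fails: only DomainLocal groups accept members from a
#    trusted forest. Domain Admins is Global; Builtin\Administrators is DomainLocal.
$targetDA      = Get-ADGroup -Identity 'Domain Admins'  -Server $OtherForest
$builtinAdmins = Get-ADGroup -Identity 'Administrators' -Server $OtherForest
'{0,-16} scope: {1}' -f $targetDA.Name,      $targetDA.GroupScope        # Global
'{0,-16} scope: {1}' -f $builtinAdmins.Name, $builtinAdmins.GroupScope   # DomainLocal

# 2. The workaround from the answer: nest OneForest's Domain Admins into OtherForest's
#    Builtin\Administrators. Passing the ADGroup object fetched from the other forest lets
#    the AD module create the matching foreignSecurityPrincipal in OtherForest.
$sourceDA = Get-ADGroup -Identity 'Domain Admins' -Server $OneForest
Add-ADGroupMember -Identity $builtinAdmins -Members $sourceDA -Server $OtherForest

# 3. The "clone Domain Admins as a domain-local group" idea from the question: the
#    nesting itself is easy; which rights to delegate to this group is the open problem.
$usersOu = 'CN=Users,' + (Get-ADDomain -Server $OtherForest).DistinguishedName
$clone = New-ADGroup -Name 'OneForest-DomainAdmins-DL' -GroupScope DomainLocal `
                     -GroupCategory Security -Path $usersOu -Server $OtherForest -PassThru
Add-ADGroupMember -Identity $clone -Members $sourceDA -Server $OtherForest

# 4. Defender's check: which members of OtherForest's privileged groups are principals
#    from a trusted forest? Such members extend the blast radius of a compromise in
#    OneForest to OtherForest's domain controllers, so they should be known and reviewed.
function Get-ForeignPrivilegedMembers {
    param(
        [string]$Server,
        [string[]]$Groups = @('Administrators', 'Domain Admins', 'Enterprise Admins')
    )
    foreach ($g in $Groups) {
        Get-ADGroupMember -Identity $g -Server $Server -ErrorAction SilentlyContinue |
            Where-Object { $_.objectClass -eq 'foreignSecurityPrincipal' } |
            ForEach-Object {
                # Translate the foreign SID back to DOMAIN\name through the trust, if it resolves
                $sid = [System.Security.Principal.SecurityIdentifier]$_.SID.Value
                try   { $resolved = $sid.Translate([System.Security.Principal.NTAccount]).Value }
                catch { $resolved = '(unresolved SID)' }
                [pscustomobject]@{ Group = $g; ForeignSID = $sid.Value; Resolved = $resolved }
            }
    }
}

Get-ForeignPrivilegedMembers -Server $OtherForest | Format-Table -AutoSize
```

Step 4 is the part worth keeping regardless of which workaround is chosen: Builtin\Administrators in OtherForest grants local administrator rights on every domain controller there, so any foreignSecurityPrincipal in that group means OtherForest's domain controllers are only as well protected as the trusted forest's Domain Admins. Running the audit on a schedule, and alerting on new foreign members of these groups, gives the receiving forest a record of exactly which cross-forest principals hold that level of access.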