One note here with respect to this statement:
I added the domain admins of Domain2 to the local admins built in group in AD for domain1.
I do not have control, or I get an error about not being a local admin of the machine.
If you added the Domain2 domain account to the LOCAL Administrators group of a PC in Domain1, you do need to reboot the PC in order for those new group memberships to take effect. A domain PC evaluates domain account SIDs in local groups during machine account domain authentication.
If you added the Domain2 domain account to a DOMAIN Security Group that was already a member of the LOCAL Administrators group, it should not be necessary to restart the PC; however, just as with any other domain security group, you'll need to log off and back on to the domain in order to get the proper Group SIDs in your token.
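
An added example, not part of the original reply: a PowerShell check that lists each member of the local Administrators group and reports whether its SID is present in the current logon token. It assumes Windows PowerShell 5.1 or later with the built-in Microsoft.PowerShell.LocalAccounts module, and is meant to be run in the session of the Domain2 account on the Domain1 PC.

```powershell
# Added example: compare the current logon token with the local Administrators group.
# Run from an elevated prompt; a UAC-filtered token can hide administrative
# group SIDs from this view.

$identity = [System.Security.Principal.WindowsIdentity]::GetCurrent()

# SIDs carried by the token: the user's own SID plus every group SID
# that was placed in the token when this logon session was created.
$tokenSids = @($identity.User.Value) + @($identity.Groups | ForEach-Object { $_.Value })

# Look up the built-in Administrators group by its well-known SID (S-1-5-32-544)
# so the check does not depend on a localized group name.
$members = Get-LocalGroupMember -SID 'S-1-5-32-544'

foreach ($m in $members) {
    [pscustomobject]@{
        Member      = $m.Name
        ObjectClass = $m.ObjectClass
        Sid         = $m.SID.Value
        # True when the token already carries this member's SID.
        InToken     = $tokenSids -contains $m.SID.Value
    }
}
```

A row with `InToken` false for a group the account was just added to means the current token was built before the membership change.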