Problem:
Domain administrators from other domains were having an issue whereby they could manage Mi-Token via the Active Directory UI but were constantly getting an "unlicensed" issue in the UI. This is because those administrators did not have ADAM database permissions to read the license object.
Fix:
Open up the configuration for the Mi-Token ADAM instance:
c:\windows\adam\adam-adsiedit.mss
Connect to the configuration on the correct port (usually port 5000)
Open the roles container, open the administrators object.
Scroll down to the "member" attribute.
Add the users from the different domain to this list.
This should solve the issue.