It seems using VBScript and GetObject does allow it, however that's a very simply enumerate_groups VB script, all it does is enum members of the domain admins group.
Code:
On Error Resume Next
Set objGroup = GetObject _
("LDAP://cn=domain admins,cn=users,dc=forest1,dc=net")
objGroup.GetInfo
Set objGroup2 = GetObject _
("LDAP://cn=domain admins,cn=users,dc=forest2,dc=net")
objGroup2.GetInfo
arrMemberOf = objGroup.GetEx("member")
arrMemberOf2 = objGroup2.GetEx("member")
WScript.Echo "Members:"
For Each strMember in arrMemberOf
WScript.echo strMember
Next
For Each strMember in arrMemberOf2
WScript.echo strMember
Next
As I said above, this works - however it sorta seems to suggest that you need the exact DN of a target and as that's what I'm trying to get, it's sort of like chicken and egg. 
