!!THIS IS FOR SBS 2008!!
This one makes no sense to me and I've been working for days to figure it out. I have created a Universal Security Group for 2 separate OUt's....These Security Groups have all of the users in the specified OU and there is a script that runs hourly to add all users in a specific OU to a specific security group.
Now, my problem is this....I go into the "Members Of" tab and I see Administrators, Windows SBS Web Workplace Users, Windows SBS SharePoint_MembersGroup, and Windows SBS Virtual Private Network users.
I of course don't want these members to be part of the Administrators group but after I remove it, at some point (seems like a day or two later) it puts the Administrators group back in there.
I've verified that it is not my script that's doing this (please let me know if you want the VBS code) and the only other thing I have going on involving these groups is within Group Policy.
I've set this group in Group Policy to automatically become part of the Local Administrators Group on PC's so when these users login to their machines they are local admins (easier than doing it on a user by user basis). I've set this option in GPO under "Computer Configuration --> Windows Settings --> Security Settings --> Restricted Groups"
Now I know it seems obvious that this might be the problem because it says "Administrators" but it should only be adding them to the local administrators group on their machines, not on the server. I know for a fact it is automatically adding these groups to the local computers.
Anyhow, any help is appreciated. I've attached a screen shot of my GPO as I *think* it might be the culprit but if that is the case, what is my workaround to get these groups added automatically to the user machines.