Is there a way to move users from the administrator group to the users group using group policy?

Generally, a computer is deployed to a specific user and that individuals network account is added to the users group on the computer.  On occasion that account may have been added to the administrators group during set up and not moved back to the users group prior to deployment.  

Is there are way to move users from the administrators group to the users group using group policy on their respective computers?

In the past I was able to add the Domain Admin account to each computer's administrators group using the Restricted Groups node, on a domain wide group policy.  Is the process similiar to this?  I am worried that I will create a local account for all users on all computers.
LenCepedaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

GeodashCommented:
Sounds like you want to use restricted groups.

Take a look at this...

http://www.petri.co.il/forums/showthread.php?t=25515


computer configuration \ windows settings \ restricted groups

group = your group to be made local admins
member of = BUILTIN\Administrators
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
GeodashCommented:
Here is another good article talking about it...

http://www.pcreview.co.uk/forums/adding-group-user-local-admins-group-all-workstations-t3490156.html

although this one seems to explain the best -

http://www.frickelsoft.net/blog/?p=13
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

PradeepCommented:
yes, u can do that using the restricted groups feature in a GPO , use the MEMBERS option.

Check this

http://www.windowsecurity.com/articles/Using-Restricted-Groups.html
0
DonNetwork AdministratorCommented:
not sure how a forum discussion is considered an article
0
GeodashCommented:
I am sorry, I am unable to edit now because of your post. Should I retract my posting because I called it an "article" instead of a "discussion"?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.