If I understand Restricted Groups can be set up only through Group Policy.
So if I have a group of users named HelpDeskUsers in ADUC that I need to make member of every local administrators group in each domain computer. then if I add a new member to HelpDeskUsers group from ADUC console, will GPO update that group with the new member ? Or each time I need to add new member I will have to do it from the Gpedit console and drill down to Restricted Groups ?
another point, If Local administrators group in each computer already has other groups, will the GPO delete them all them and add only the HelpDeskUsers.
This example is just when adding a user group to local administrators group in domain computers.
I wonder if all local groups shown in the screenshot will have the same mapping in Active Directory.
I do not see configMgr Remote control users in AD