What you're describing is called Restricted Groups, and, you got it -- it's seemingly not possible to make Restricted Groups' most useful feature be "additive" (or, more accurately, "augmentative.") That is, most people want to use it to add _additional_ members to an existing group. But that's not how the "Members of this group" function works. Rather, it "rip and replaces" existing members. So, it's not ideal in every situation.
Related Q&A from Jeremy Moskowitz
Can I append Domain Groups to the local 'Admin' Group of Domain Computers without affecting the exis
Expert Jeremy Moskowitz explains what an admin would need to do to append Domain Groups to the local 'Admin' Group of Domain Computers without ...continue reading
How can I restrict rights for a group of users on a specific OU of computers, but not on any compute
Expert Jeremy Moskowitz shows a reader how to use loopback policy processing to restrict rights for a group of users on a specific OU of computers.continue reading
Expert Jeremy Moskowitz explains how to use Group Policy for a Windows 2000 Server to apply proxy settings automatically on all the workstations in a...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.