Local Administrators Group and Compliance Settings

Hi All, how do you manage the local administrators group? Many companies use the Restricted Group in the Active Directory/GPO to do it, but unfortunately, this settings is not an “add” rule, it is a replace. What i mean by this is simple: Imagine the scenario where you have 3 groups that always need be member of the admin group (Group1, Group2 and Group3). It is simple, you create a group policy and add this group of users to the restricted group. Now, you have few servers that need to have a 4th group. For server1 and server2, you need to add the group4 and for server3 and server4, you need to add group5. You can think that it is easy, just create a restricted group for those 2 set of servers adding the group4 or group5… in this scenario, once the 2nd GPO is applied, it will replace the…