Hi,
Below article describe different security policy settings that can control user authentication to a network or device, the resources that users are permitted to access, whether to record a user's or group's actions in the event log and membership in a group.
https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/security-policy-settings
From your description, it seems that you can use User Rights Assignment policy.
User Rights Assignment. Specify the users or groups that have logon rights or privileges on a device.
Best regards,
If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.