I have created a Security group on a 2019 server. I need to provide users in this group the ability to logon to a workstation add be able to add/remove applications and printers and run-as-administrator to allow an update on an application to run when launched.
I was thinking a Built-in security group may have this capability but I am not able to find one that meets my needs. I can create a GPO(s) for this group but I am struggling with the permissions to set to achieve the needed capabilities on the workstation.
Any advise will be appreciated or an alternate method to achieve this.