u/Southern_Detail_5303

Hi everyone,
I recently built a VMSS Windows 11 AVD host pool using Terraform with a customized image. Users can log into their assigned AVDs, but they are inadvertently being granted administrator privileges.
I assigned the users to a group with only the Virtual Machine User Login role (the standard configuration). However, when I log into an AVD instance and run whoami /groups, it shows that the user is in the built-in Administrator group.
I can't figure out how to disable this. Has anyone else run into this issue or know how to fix it?