If a user is a member of multiple security groups, he will have different rights than users in just one of those security groups. If the user should only be a member of one security group, remove him from all but one. However, if the user should be a member of multiple security groups, leave it as is and recognize that the rights may differ. In this case, the more strict user group rules will supercede the other security group settings for the user. How are rights affected if a user is a member of more than one Security Group?