At long last...
Having a collection based on Active Directory User Group membership has been a holy grail since we installed SMS. It seemed to make sense to everyone that since we have the user ID of the last logged in user and can pull user ID's from AD groups we should be able to marry the two into a collection of computers.
Not so much.
After investing significant time under SMS 2k3 SP2, I gave up. There are a couple of Third-Party add ons that can accomplish the task, but we weren't buying.
Today I saw the same question again in a MyItForum post, and decided to re-visit the problem now that we had SMS 2k3 SP3 and Asset Intelligence deployed. Here's the resulting query:
select distinct SMS_R_System.Name from SMS_R_System inner join SMS_G_System_SYSTEM_CONSOLE_USAGE on SMS_G_System_SYSTEM_CONSOLE_USAGE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SYSTEM_CONSOLE_USAGE.TopConsoleUser in (select distinct UniqueUserName from SMS_R_User where UserGroupName = "<domain>\\<group>")
Just replace "<domain>\\<group>" with your site specific info and you should be good to go. Notice that we user TopConsoleUser here, which hopefully more accurately reflects the user of the computer than just "last logged on".