there is no attachment to your post.
lets back up a bit though and simplify things.
You dont need to use recordset values in your rules, this is one thing that may be causing confusion.
for the admin rule, edit the authenticate user behavior on the login page. On the third step of the wizard, you can select user table columns to store in a session variable, select the txtgroup column so that the user group is stored at login time, this way you dont hav to look it up, you can use the already existing session variable.
for the if self rule, you are just filtering thje recordset on the ID query string:
why not use that in the rule rather than the recordset value?