I want to use privacyidea for windows login manage for Admin users, my main goal is to ask 2fa from only one group that contains the admin users and hide the OTP text box for other users at login. Is this possible?
Usually you would use the privacyIDEA server to decide whether the user should use a 2nd factor or not.
This can be done by configuring challenge response. On the privacyIDEA server you could use the passOnNoToken policy or the passthru=userstore policy to allow users without a token to login.
You can also configure a excluded group in the CP. But you should keep your logic on the client side simple.