It is observed that allowed permissions based on a group are not applied, and the user is blocked from accessing the device though permissions configured for a single user are correct.
To resolve the error detailed previously, implement the steps below:
Verify that the user is a member of the group.
Check the type of the group in Active Directory and make sure that it is a Security group. Distribution groups are not supported.
If the user is a member of multiple groups which are added in the policy, make sure that there are no conflicting permissions which apply to the user, e.g., one group has full access on CD/DVD while the other has read-only access on CD/DVD. In such cases, the most restrictive permissions will be applied.