PIM/PAMSC Is Not Seeing the OS Group For Some Users

Article ID: 244988

Products

CA Privileged Access Manager - Server Control (PAMSC)
CA Privileged Identity Management Endpoint (PIM)
CA Virtual Privilege Manager

Issue/Introduction

When running sewhoami -a for users within the same OS group, some of them do not show the group at all. Because group membership drives rule evaluation, rules are applied inconsistently between members of the group.

For example, the OS group opttest appears in the output of id for optuser, and sewhoami -a shows the group in the Group Connections Table as well.

# id
uid=10206(optuser) gid=10206(opttest) groups=10206(opttest) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
# sewhoami -a
optuser
ACEE Contents
  User's Name             : optuser
  ACEE's Handle           : 79
  Group Connections Table:
    Group Name              Connection Mode
    ====================    =================================
    opttest                 OS_group
Categories              : <None>
Profile Group           : <None>
Security Label          : <None>
User's Audit Mode       : Failure LoginSuccess LoginFailure 
User's Security Level   : 0
Source Terminal         : localhost
Process Count for ACEE  : 1
User's Mode             : OS_user 
ACEE's Creation Time    : Tue Jun  7 17:36:55 2022

For optuser2, id shows the same group, but sewhoami -a shows the Group Connections Table as <Empty>, and the user's mode is Regular rather than OS_user.

# id
uid=115(optuser2) gid=10206(opttest) groups=10206(opttest) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
# sewhoami -a
optuser2
ACEE Contents
  User's Name             : optuser2
  ACEE's Handle           : 79
  Group Connections Table:
<Empty>
Categories              : <None>
Profile Group           : <None>
Security Label          : <None>
User's Audit Mode       : Failure LoginSuccess LoginFailure 
User's Security Level   : 0
Source Terminal         : localhost
Process Count for ACEE  : 1
User's Mode             : Regular 
ACEE's Creation Time    : Wed Jun 15 17:55:36 2022

Environment

Privileged Identity Manager 12.8 SP1
PAM Server Control 14.x

Cause

The issue occurs because opttest is defined as an XGROUP and optuser as an XUSER, while optuser2 is defined as a USER. A USER cannot be a member of an XGROUP; it can only be a member of a GROUP. The record classes can be confirmed with selang:

# selang -s -c "sxg opttest"
(localhost)
Data for XGROUP 'opttest'
 -----------------------------------------------------------
Owner             : nobody        (USER   )
Create time       : 15-Jun-2022 12:32
Update time       : 15-Jun-2022 12:32
Updated by        : root          (USER   )

# selang -s -c "sxu optuser"
(localhost)
Data for XUSER 'optuser'
 -----------------------------------------------------------
Owner             : root          (USER   ) 
Last accessed     : localhost
Last access time  : 17-Jun-2022 16:06
Create time       : 07-Jun-2022 17:27
Update time       : 07-Jun-2022 17:27
Updated by        : root          (USER   )

# selang -s -c "su optuser2"
(localhost)
Data for USER 'optuser2'
 -----------------------------------------------------------
Audit mode        : Login-Success, Failure, Login-Failure
Owner             : nobody        (USER   )
Last accessed     : localhost
Last access time  : 15-Jun-2022 17:55
Create time       : 15-Jun-2022 17:55
Update time       : 15-Jun-2022 17:55
Updated by        : root          (USER   )

Resolution

Either the USER needs to be removed and recreated as an XUSER, or the XGROUP and its corresponding XUSERs need to be removed and recreated as a GROUP and USERs. The class of every member must match the class of the group for sewhoami -a to report the OS group and for group-based rules to apply consistently.
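The following is an added diagnostic script, not part of this article or of the product, that automates the check described in the Cause and Resolution sections: it reads the class from a selang "Data for <CLASS> '<name>'" header, applies the rule that XGROUP members must be XUSERs and GROUP members must be USERs, and reports any member of an OS group whose class does not match. The sample records it runs against offline are constructed to mirror the article's output; the audit_os_group function assumes selang (with the sxg, sg, sxu and su show commands used in the article) and getent are available on the endpoint, and it is not invoked automatically.

```shell
#!/bin/sh
# Added example (not from the KB article): classify selang records and flag
# group members whose class cannot be connected to the group's class.

# Constructed samples mirroring the article's selang output.
SAMPLE_XGROUP="(localhost)
Data for XGROUP 'opttest'
 -----------------------------------------------------------
Owner             : nobody        (USER   )"
SAMPLE_XUSER="(localhost)
Data for XUSER 'optuser'
 -----------------------------------------------------------
Owner             : root          (USER   )"
SAMPLE_USER="(localhost)
Data for USER 'optuser2'
 -----------------------------------------------------------
Owner             : nobody        (USER   )"

# Print the class named in a selang "Data for <CLASS> '<name>'" header,
# or nothing when the text holds no such header (record not found).
record_class() {
    printf '%s\n' "$1" | sed -n "s/^Data for \([A-Z]*\) '.*'.*/\1/p" | head -n 1
}

# Exit 0 when a user of class $2 may be connected to a group of class $1.
# Per the article: XGROUP members must be XUSERs, GROUP members must be USERs.
membership_ok() {
    case "$1:$2" in
        XGROUP:XUSER|GROUP:USER) return 0 ;;
        *) return 1 ;;
    esac
}

# Offline demonstration on the constructed samples (the article's case).
gclass=$(record_class "$SAMPLE_XGROUP")
for rec in "$SAMPLE_XUSER" "$SAMPLE_USER"; do
    uclass=$(record_class "$rec")
    if membership_ok "$gclass" "$uclass"; then
        printf 'OK       %s member of %s\n' "$uclass" "$gclass"
    else
        printf 'MISMATCH %s cannot be a member of %s\n' "$uclass" "$gclass"
    fi
done

# Live check for one OS group (assumes selang and getent; not run here).
# Primary-group members are included by matching the gid in getent passwd,
# since they do not appear in the group entry's member list.
# Usage: audit_os_group opttest
audit_os_group() {
    g=$1
    gclass=$(record_class "$(selang -s -c "sxg $g" 2>/dev/null)")
    [ -n "$gclass" ] || gclass=$(record_class "$(selang -s -c "sg $g" 2>/dev/null)")
    gid=$(getent group "$g" | cut -d: -f3)
    members="$(getent group "$g" | cut -d: -f4 | tr ',' ' ') \
$(getent passwd | awk -F: -v gid="$gid" '$4 == gid { print $1 }')"
    for u in $members; do
        uclass=$(record_class "$(selang -s -c "sxu $u" 2>/dev/null)")
        [ -n "$uclass" ] || uclass=$(record_class "$(selang -s -c "su $u" 2>/dev/null)")
        if membership_ok "$gclass" "$uclass"; then
            printf 'OK       %s (%s) in %s (%s)\n' "$u" "$uclass" "$g" "$gclass"
        else
            printf 'MISMATCH %s (%s) cannot be a member of %s (%s)\n' \
                "$u" "${uclass:-not defined}" "$g" "${gclass:-not defined}"
        fi
    done
}
```

Running audit_os_group against the article's group would list optuser as OK and optuser2 as a MISMATCH; the MISMATCH lines are the users (or the group) to recreate in the other class as the Resolution describes.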