The user is a member of a group whose rules allow its members to run sesu. Login works fine and the user is correctly identified as their AD account, but not as a member of this one AD group. Both sewhoami and the system id command fail to find the group.
The root cause is that when the entry below is enabled in /etc/nsswitch.conf, only the primary group is detected.
initgroups: files psmp
Enabling initgroups in /etc/nsswitch.conf causes the system to check the /etc/group file for the user's group memberships. Because this group is not defined locally, it is ignored.
To fix this, comment the line out (# initgroups) in the /etc/nsswitch.conf file. No services need to be restarted, but the user will have to log in again for the group to be seen.
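A quick way to spot this condition on a host is shown below. This is an added example, not part of the original article. It reports which sources listed on the group: line are left out of an active initgroups: line. The function names are hypothetical, and "sss" in the sample file is a constructed stand-in for whatever source serves the AD groups.

```shell
#!/bin/sh
# Added example: audit nsswitch.conf for an initgroups line that hides group sources.

# Print the sources of an active (uncommented) database line.
# Action items such as [NOTFOUND=return] are dropped.
nss_sources() {  # usage: nss_sources <database> <file>
    awk -v db="$1" '
        { sub(/#.*/, ""); sub(/:/, " : ") }   # strip comments, isolate the colon
        $1 == db && $2 == ":" {
            out = ""
            for (i = 3; i <= NF; i++)
                if ($i !~ /^\[/) out = out (out ? " " : "") $i
            print out
            exit
        }' "$2"
}

# Print the group: sources that an active initgroups: line does not list.
# Empty output means no group source is being skipped.
missing_from_initgroups() {  # usage: missing_from_initgroups <file>
    init=$(nss_sources initgroups "$1")
    # Without an active initgroups line, glibc falls back to the group: line.
    [ -n "$init" ] || return 0
    missing=""
    for src in $(nss_sources group "$1"); do
        case " $init " in
            *" $src "*) ;;
            *) missing="$missing${missing:+ }$src" ;;
        esac
    done
    printf '%s' "$missing"
}

# Constructed sample file reproducing the entry from this article.
demo=$(mktemp)
printf '%s\n' 'passwd: files sss' 'group: files sss' 'initgroups: files psmp' > "$demo"
echo "group sources skipped by initgroups: $(missing_from_initgroups "$demo")"
rm -f "$demo"
```

Run `missing_from_initgroups /etc/nsswitch.conf` on the affected host; any source it prints is one whose groups will not appear in `id` output while the initgroups line is active.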