After setting up LDAP groups, a user was able to login once, but was unable to login since then

The role linked to the user was deleted after the user was initially created.  The following entries are seen in the PCService.log:

Failed to authenticate user '<username>': UserAuthentication - Role for account is disabled.

Unable to determine auth type for user '<username>' -- UserAuthentication - Account is disabled.

You can either change the user's role to one that exists and is active, or you can delete it and have the LDAP integration recreate it