Hi,
Your understanding is corect and it is strange why it is not working for one and works for other, if they have same business roles, this case would be mostly of the user access rights but as you mentioned both have same roles then this needs to be checked in detail logging into the system, why dont you reach out to SAP log an incident with the examples.
Regards,
Suresh