If you add a user to the default "full" group, the user is able to upload new firmware, download backups etc. If you create a new group with all permissions ticked, the user is unable to upload new firmware or download backup files. Comparing the 2 groups, there are no options that are different through the UI, the only thing I can suspect is there are hidden permissions that have been attached to the original admin group called full.
This presents a problem where a new group is created for administrators that login through radius and don't use a local account.
Why would there be a difference between the 2 groups?