When you switch to DS Authentication in the forms config it has an extra required step to create a group which permits users to access forms. In the past it would simply sync all full licensed users.
So you must create a DS group with some name, for example Forms Users.
But when you add your AD group to the DS group you must create, like so
It just acts as if they are not a member and full licensed users never have any access to forms. The only way to fix this is for an administrator to manually go to the account generated in DS after AD sync and add them to this DS group.
Of which they forget, open a support ticket stating it is broken, and we need to troubleshoot the entire thing again just to find this configuration is broken.
I think we have had 10 repeat instances now where we get a ticket like this, only to find the same issue every time.
Anyone who has a full license in Laserfiche should have access to Forms, based on the defined access rights for the AD group in the forms administration page. This all works properly before switching to AD Auth where we must create an AD group and AD membership is not accounting for members of a group of that group.