Go to SUIM -> Roles -> By authorization objects and enter object S_GOS_ATT. Check if there are any roles.
Now take these roles, go to PFCG and hit where-used. Check which users have authorization. Alternatively, go to SU01D for the 2nd user and see if she has any of these roles.
If nothing works, run a trace in ST01 and check what is happening.