Make sure you don't have users in more than one group or groups that have the same users.
For example if you have the following groups pcagroup and admingroup,
domain\pcagroup has members
helpdesk a
helpdesk b
helpdesk c
admingroup (admin a, admin b admin c are all members)
domain\admingroup has members
admin a
admin b
admin c
My observation is that if you login with admin a because it is a member of the admingoup and a member of the pcagroup it will cause a loop and won't be able to login. Helpdesk a-c will be fine but none of the admins will work.
The way you will know this is happening is because you will only be prompted for credentials once, it will eventually time out and pcA quick connect will close.
If your host machine doesn't think the users is in the list of users to connect it will ask 3 times before quick connect closes.
Hope that helps.