I have the same issue. My Jenkins instance uses Security Realm of Active Directory, and Authorization of Role-Based Strategy. If the user does not use the same user ID case I use in Role Strategy, then they get the "missing the Overall/Read permission" error.
As Active Directory does not care about case, my WORKAROUND is to enter 2 global and project entries for the user. One uppercase, DW12345, and one lowercase, dw12345. I could tell the user to use only lowercase, but then I would just get hassled by users who don't remember, or want an excuse to debate why we are moving to Jenkins. Love the plugin, as it works perfectly to control job visibility and read/write permissions. But the case sensitivity is an unnecessary pain.