When using Job DSL for generating folders (where I have noticed this issue), the authorization permission command does not add the new USER/GROUP prefix from Matrix Authorization 3.0 in the XML files.