Hello,
I have the problem, that I can´t restrict the base.user-mangement.user.* permission.
In my example, I want that a group can´t delete users.
This configuration should be right according to your documentation (Admin Manual: 7.2. Access Rights).
But if I set this permissions, I don´t have access to “Users” anymore
I tested this with group permissions too and there it worked