Thanks for the info above eelsasser - could not seem to make that suggestion work - but I'm Tasmanian after all.
However, McAfee support have provided a work-around - basically remove the Domain reference in the "Authentication Server Group => Role Mapping" section. ie. using above diagram -
"CORE\under test group => Super Administrator" becomes "under test group => Super Administrator"
All now works a treat. This will be addressed with the next update by McAfee
Can I say how impressed I was with the level of support and enthusiasm from the McFee Support Team.