Cause:
Since we created a Target Dynamic group User1Dyn composed of Devices, Applications and Users having in Description1 User1Dyn, and a Target Dynamic group User2Dyn composed of Devices, Applications and Users having in Description1 User2Dyn, you will not be able to add the new accounts because of the AND condition for target accounts introduced in the definition of Target Dynamic Groups.
The problem is that we are trying to view all applications, accounts and servers meeting a specific condition while the target account is not yet created, so it will never be able to see the records
Resolution:
To fix this we need to remove the Account restriction from the Target Group and then we can add the target applications & accounts successfully, later we need to add it back after accounts have been added