Make sure you use "grand group" instead of "grand user" in your domains.xml file
<domain name="ABC Domain" description="ABC Domain">
<agent mapping="hostname1(.*)"/>
<agent mapping="hostname2(.*)"/>
<grant group="APM_ABC_Group" permission="full"/>
<grant group="APM_XYZ_Group" permission="read"/>
</domain>