Newly created users can not logon to the configured SAML portal services while the connection to Nextcloud works fine.
Existing users can use SAML services without any issues.
To compare two users check differences of two users
diff `univention-ldapsearch uid=GOODUSER` `univention-ldapsearch uid=BADUSER`
which possibly shows several missing attributes for the newly created user.
The user got created in the UMC user management module instead of being created through the ucs@school user module. Therefore attributes where missing.
Delete the user and recreate it through ucs@school.