Having admin role does not mean access to all data. You need to give that user also permissions to access data (place him/her in correct usergroup).
Superadmin has no restrictions.

Thank you for your answer, but I don't understand. Which group is the correct one? I thought that each was based on the same pool of permissions, which I could set for a specific group - I didn't have to add the user to two different groups.
You wrote: "Superadmin has no restrictions" - due to my poor English I can't explain it well. What I mean is that User has most of the options greyed out. Super-Admin has all fields active - meaning there are no restrictions. But if I uncheck all options for him, then he will have less privileges than the user, right? So basically, choosing the user type allows you to avoid a situation in which someone is given too many privileges, but certainly not - too less?​​

Please read this part of documetnation and try to understand...

Zabbix operates on the hostgroups/usergroups matrix. You cannot give any access to a user directly, only to a usergroup and user, who belongs to a group inherits all the access given to a group. Table below... usergroup1 has access to hostgroup1 etc... (x marks the spot)...
If you put a user into "usergroup1" and "usergroup2" in below example, that user gains access to data from hosts belonging to hostgroup1 and hostgroup2, if they would try to access a dashboard, containing data from hostgroup3, they would get exactly that error what you described..."No permission to objec or it does not exist"...
Adding "roles" on top of it, adds "what user can do" level. "User" can see data, "admin" gets also access to "configuration" menu ("data collection" in v7, I think). With role config, you can take away some of those rights. We used to have just user type without any roles, adding roles to picture made things more granular...

That's how I understand it.

1. I created a hosts group "hosts_for_tester" and added a "WIIP-B" host to it.
2. I created a "group_for_testers" and added host permissions for the group "hosts_for_tester".
3. I created a "role_for_testers".
4. In Active Directory I created a "tester" user.
5. Users > Authentication > LDAP Settings > server > user group mapping: if the LDAP group is "testers" assign to the user groups "group_for_testers" and role "role_for_testers"
6. Now I log in as user tester - it works. Monitoring > Hosts > I see the host "WIIP-B".

I believed that the dashboards for this particular host only contained data for that host. Since the user apparently has permissions to this host, I thought that the data would be displayed on the dashboards for it. And that's not happening. And yet it does not contain anything more than what is in the graph position, which the user can already display.

I'm not talking about this dashboard:



Interestingly, this is a "global view", so it wouldn't surprise me if there was no data, but it is displayed here - limited to hosts from the group. Meanwhile, as an administrator, I can see data from all hosts here.
​

All right, I think I understand this now... I went to my own test v7 and experienced the same case... eventho I had access to configure the host (admin user with RW access to hostgroup), I was still unable to see host dashboards.
In the end I had to give my testuser also read permissions for template groups where those templates are, which generate those dashboards... this is something I need to dig into now to understand it better... I guess it has something to do with all the splitting tempalte groups from host groups... but ... exact mechanics of this is still a bit mystery...

I'm sorry I wasn't clear enough.
Do you think I should report this as a bug?

In v6.4 this was also a thing when you have host-prototype in a template which is set to a different host-group then user(API) access allows. Then you can't for example export the template because of missing host-group rights. (export by API call)