You need to define a filter in the "Profile Management" feature in TPAM to be used in Auto Discover of Accounts. The filter should be able to exclude any accounts with the following format: ABC0000 where ABC is a letter combination and 0000 is a 4-digit number.
You only need the accounts that don't fall into this format. This filter will be combined with an Active Directory (AD) Group filter to discover accounts that are member of any group that ends with "-priv".
Issue fixed in version 2.5.909.