I finally have everything working pretty good. I have noticed that if I log in to the user portal as a user with the regular "UserRole" granted and only the the pool objects and the user portal session times I can not log back in. The user portal shows the message the the user is not authorized to perform this function. When I log in as admin and go to "users" then view the permissions for the user I was just logged in as, the user no longer shows the "UserRole" role even though the permissions on the pool objects still show the role is granted. I have to delete the user from the "Users" list and logging back in will refresh the permissions. I have ovirt integrated with my active directory for logins. I am granting permissions based on active directory groups. To grant the permissions, I am selecting the object (usually a pool), then selecting the "permissions" tab and then clicking "add"; I do a search for the group, i click the check box next to it and click ok. The group permissions seem to remain on the object when the user portal session times out, but the actual user that timed out loses all permissions/roles. I have no idea what could be causing this other than some sort of bug. Any ideas? 

Thanks in advance.