>> Is their a way to search for attributes into the ovirt web interface, for
>> example "memberof" ?
>>
>> I can't imagine adding hundreds or thousand of users one by one...What
>> would be the solutions ?
>>
>You can assign specific permission to the group that relevant users are
>member of (we support also nested groups if needed)
>and of course you can select multiple users/groups when you assign
>permissions.
>If the above is not option for you, could you try to describe what exactly
>are you trying to achieve?
>Thanks
>Martin Perina
As I explained, my groups are not in the same dn path than my users. As it is not possible to add multiple dn path, my only solution is to use users.
Those users have attributes like "member of" which still keep the information about what group they belong too. I didn't find any way using the interface to filter by attribute, for example to show all users member of group "foo".
I could do that with ldapsearch, but then how would I inject the result to ovirt configuration to add those users to specific ovirt roles ("ovirt permission groups") ?