We have some devices reporting in Operator Console that we want to isolate to be accessible to only a few groups. How can we accomplish this?
Release: 20.3
Component: UIM OPERATOR CONSOLE - ACCOUNT ADMIN
First, review the types of users in UIM:
https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/20-3/administering/types-of-users.html
To separate groups of devices in this way, you need to use Account Contact users and not Bus Users. A high-level overview of the setup is as follows:
- In Account Admin (now in the Settings tab), create an account, e.g. "NetworkGroup".
- Also in Account Admin, create an ACL for this group, such as "NetworkGroupLDAPACL", and give it the appropriate level of permissions for the users in that group.
- Next, in Account Admin, link that ACL to a specific LDAP group. Users who log into UIM and are part of that LDAP group will now be assigned this ACL and be treated as members of this account.
- Next, log in to Operator Console as the administrator and create a new group. Set the appropriate filters to capture the devices that you are interested in, and choose the account (e.g. "NetworkGroup") at the top of the group creation screen. This limits the group so that only members of the assigned account can see it.
- Repeat this process for each different LDAP group, creating a unique account and a unique ACL for each one. The ACL is what links the LDAP group to the account.
See also:
https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/20-3/administering/using-account-admin/add-or-modify-users-with-account-admin.html#concept.dita_47a6540198ab8cb897e14035d8e6ed8305f18217_ManageACLsandLDAPinAccountAdmin