See below AD schema appended, uid's, gid's assigned, STILL getent will not identify any AD users or groups.
I created the AD schema file and imported the NIS schema to the AD Schema Master.
Set these 2 values using ADSI Edit
# msSFU30MaxUidNumber: 50000
# msSFU30MaxGidNumber: 50000
Assigned uid's to all users
Assign all users Primary Group to "Domain Users" as the AD User tool forces you to set that value to something.
Assigned gid's to all groups
There are 59 users uid's 50000 thru 50059
There are 34 groups gid's 50000 thru 50034
[global]
dns proxy = No
log file = /var/log/samba/log.%m
logging = syslog at 1 /var/log/samba/log.%m
map to guest = Bad User
max log size = 1000
panic action = /usr/share/samba/panic-action %d
realm = DOMAIN.COM
security = ADS
server role = member server
server string = %h server (Samba, Ubuntu)
template shell = /bin/bash
username map = /etc/samba/user.map
usershare allow guests = Yes
winbind enum groups = Yes
winbind enum users = Yes
winbind use default domain = Yes
workgroup = DOMAIN
idmap config domain : unix_nss_info = yes
idmap config domain : range = 50000-1000000
idmap config domain : backend = ad
idmap config * : range = 3000-7999
idmap config * : backend = tbd
map acl inherit = Yes
store dos attributes = Yes
vfs objects = acl_xattr
Barry