[Samba] Problems with groups, minimum gidnumber?

[Harald Hannelius]

I have succesfully migrated our users (~3900) from our Samba 3 DC/OpenLDAP, 
complete with passwords.

I have some 300 + groups that I'm trying to get migrated to our Samba 4 AD.

I can create the groups, but it looks from the domain-member's side that 
groups don't work as I expect them to.

- Not all groups seems to be visible by using 'getent group'. It looks like 
groups with a gidnumber below 1000 isn't visible. Where is this limit 
configured?

- Am I supposed to be able to list group members by using 'getent group 
groupname'? Now the groups that are visible don't have any members in them.

- I have two accounts, uid 510 and 527 respectively. 510 is a member of all 
the groups like on the Samba DC, the other one isn't a member of any other 
groups than users(100) and BUILTIN\users. How do I debug this? I suspect 
that if a user is defined to be a member of a group with a gidnumber below a 
certain limit, he or she isn't going to be a member of any extra groups, or 
something in this order.

-- 

Harald Hannelius | harald.hannelius/a\arcada.fi | +358 50 594 1020