Better Posix AD
When Setting up Samba as an AD DC for Linux and other POSIX clients some things are not as simple as they could be.
A user on a POSIX system needs a uid and gid value.
Samba should set a uidNumber and gidNumber on the directory entry when the user or group is created. Additionally the schema should be extended to indicate that the uidNumber is actually IDMAP_BOTH, that is able to be expressed as a GID for ACLs.
This should be allocated via winbind, so that the administrator has control, however a new default should be created to use the SSSD idmap algorithm.
For RID based algorithms the base values for the domain should be stored the in trustPosixOffset value of the domain trust entry so that they run on each host automoously, and