In a newly created share the AD users and groups lists in the CIFS share properties in the GUI are empty
Also the "net idmap dump" to output the gid/uid to SIDs mappings and updates will only list a few entries.
For version 4.0.3 and above:
To resolve this symptom you will need to search for a user and add access to them, this will be the new behavior going forward.
The user access list will only be populated once you search and add a user with access which is now the intended behavior.
Running "wbinfo -t, -u and -g" will return an output list of domain users and groups.
We found this greatly reduced the confusion and reduced a lot of user interaction for reviewing current user settings.
Note: If you do not have an exact username, you will need to generate the adcache using the "qs-util adcachegenall" command to allow for wildcard searches.
The users/groups won't be added to the tdb idmap database until they are searched and added as users.
New users will be added to the tdb idmap database starting at the default of 50000, we use this to avoid conflict with local system user id's.
The "qs-util adcachegenall" command is production safe and it is different from the "Search & Clear Cache" on the earlier versions of the Web GUI.
Additional detail can be found here: