It is possible to use AD LDAP; in this case the application needs a unique gidNumber for each LDAP group object returned from the AD container. By creating a separate OU and placing group objects with serialized gidNumbers you can fix the applications...
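One way to check the uniqueness requirement described above before pointing the application at the OU. This is an added example, not code from the original page: it audits an LDIF export of the group container for missing or repeated gidNumber values. The OU name, domain and group names in the sample are constructed, and the parser assumes plain, unfolded `attr: value` lines.

```python
from collections import defaultdict

# Constructed sample LDIF export of the dedicated group OU (all names hypothetical).
SAMPLE_LDIF = """\
dn: CN=app-admins,OU=AppGroups,DC=example,DC=com
objectClass: group
gidNumber: 10001

dn: CN=app-users,OU=AppGroups,DC=example,DC=com
objectClass: group
gidNumber: 10002

dn: CN=app-audit,OU=AppGroups,DC=example,DC=com
objectClass: group
gidNumber: 10002

dn: CN=app-temp,OU=AppGroups,DC=example,DC=com
objectClass: group
"""


def parse_entries(ldif):
    """Split LDIF text into one {attribute: [values]} dict per entry."""
    entries = []
    for block in ldif.strip().split("\n\n"):
        entry = defaultdict(list)
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue  # skips comments and base64 ("attr:: ") values
            attr, value = line.split(": ", 1)
            entry[attr.lower()].append(value.strip())
        if "dn" in entry:
            entries.append(entry)
    return entries


def audit_gid_numbers(ldif):
    """Return (DNs of groups with no gidNumber, {gid: [DNs]} for shared gids)."""
    missing, by_gid = [], defaultdict(list)
    for entry in parse_entries(ldif):
        if "group" not in [v.lower() for v in entry.get("objectclass", [])]:
            continue  # only group objects need a gidNumber here
        gids = entry.get("gidnumber", [])
        if not gids:
            missing.append(entry["dn"][0])
        for gid in gids:
            by_gid[int(gid)].append(entry["dn"][0])
    duplicates = {g: dns for g, dns in by_gid.items() if len(dns) > 1}
    return missing, duplicates
```

A non-empty result from either return value means the application would see groups it cannot tell apart by gidNumber, or groups with no gidNumber at all.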