Grouper Users - Open Discussion List

In trying to provision flat group membership to both LDAP and AD it seems 
that the grouper naming convention "stem:group" would fail when provisioning 
groups to the AD.

This looks like when AD auto-populates the "pre windows2000" group name, or 
more specifically the sAMAccountName and has no way of handling the ":" I was 
thinking of generating a converted group name and storing as an attribute 
with the group, then when provisioning trying the "group-attribute-mapping" 
to workaround this...

<group-attribute-mapping ldap-object-class="">
  <group-attribute-map group-attribute="groupsAMAccountNameConversion" 
ldap-attribute="sAMAccountName" />
</group-attribute-mapping>

This way, the AD group would still hold the correct CN in relation to 
grouper... but I'm curious of what issues a non-matching pre-windows 2000 
name would create.

...but before I go barking up the wrong/right tree... has anyone else 
encountered something similar and had any success with other solutions?

TIA,
Ray W.