Our uerid is not person related it is job related.Sorry I have no idea what that means. A username is a username.
Could you be so kind to explain why you think that group permissions are not a good idea.LDAP is not a replacement for users and groups of a host system. LDAP is a directory service, it's like phonebook and not providing any means of security other than restricting what information a user can edit. You can define access rights and groups in LDAP to specify what information a user can modify and also assign users to groups for logical structuring and notification.