I would like to share a possible solution...

if i use nss_ldap for obtaining user list & attributes (from unix attributes tab in AD users & computers) and winbind
for authentication (via pam) i get the correct uid mapping & i can emulate the host attribute via log on to this computer option
inside each AD user. (i must though setup kerberos right & join the AD).

i hope this helps someone else.

Michael.