Add www-data to LDAP-Usergroup for NFS access

We have an internal webserver that writes some documents to the NFS-Share of our office users. Before we introduced UCS this was pretty simple (just add www-data to the group “office”), but since we introduced UCS we had some problems, as www-data is a system user which can’t be added to LDAP groups.

As a workaround I replicated the group manually as a system-group:

root@example:~#  id www-data
uid=33(www-data) gid=33(www-data) Groups=33(www-data) 

root@example:~# id bob
uid=2009(bob) gid=5001(Domain Users) Groups=5001(Domain Users),5056(office)

root@example:~# vim /etc/group
...
office:x:5066:www-data

root@example:~#  id www-data
uid=33(www-data) gid=33(www-data) Groups=33(www-data),5056(office)

Now www-data can access the “office” NFS-Share on the server “example”. It works, but feels like a hack, and I have no clue which unintended consequences this might have*. Perhaps it’ll make the LDAP throw errors, or something like that? Is there a better way to grant www-data access to the share?

*Aside from the security concerns that www-data can access the office share, of course.
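NFS with AUTH_SYS authorizes by numeric GID, so a local /etc/group entry that reuses an LDAP group name only grants access to that group's files when its GID matches the directory's. The following check is an added example, not part of the original post: `shadowed_groups` is a hypothetical helper, the sample data is constructed from the names and GIDs shown in the post, and the directory file is assumed to be an export of the LDAP groups in group(5) format.

```shell
#!/bin/sh
# Added example: report local group entries that shadow a directory (LDAP) group.
# Both inputs use group(5) format: name:password:gid:member,member
# usage: shadowed_groups LOCAL_GROUP_FILE DIRECTORY_GROUP_FILE
shadowed_groups() {
    awk -F: '
        FILENAME == ARGV[1] {            # first file read: directory groups
            if ($1 != "") dir_gid[$1] = $3
            next
        }
        /^#/ || NF < 3 { next }          # skip comments and malformed lines
        ($1 in dir_gid) {                # local name also exists in the directory
            verdict = ($3 == dir_gid[$1]) ? "gid-match" : "GID-MISMATCH"
            printf "%s local_gid=%s directory_gid=%s local_members=%s %s\n",
                   $1, $3, dir_gid[$1], $4, verdict
        }
    ' "$2" "$1"
}

# Constructed sample data using the names and GIDs shown in the post.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:' 'www-data:x:33:' 'office:x:5066:www-data' > "$tmp/local"
    printf '%s\n' 'Domain Users:*:5001:bob' 'office:*:5056:bob' > "$tmp/directory"
    shadowed_groups "$tmp/local" "$tmp/directory"
    rm -rf "$tmp"
}
demo
```

Each reported line is a local group that overrides or duplicates a directory group, together with the local members it adds, which makes such entries easy to audit after group changes in LDAP.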
