Samba config for LDAP

workgroup = LOCAL
security = user
encrypt passwords = true
passdb backend = ldapsam:ldap://localhost
;   obey pam restrictions = yes   #uncomment this line!
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
ldap admin dn = cn=admin,dc=local
ldap suffix = dc=local
ldap passwd sync = Yes
ldap machine suffix = ou=machines
ldap User suffix = ou=People
ldap Group suffix = ou=group
ldap ssl = off
idmap backend = ldap:ldap://localhost
idmap uid = 10000-30000
idmap gid = 10000-20000

Set ldap admin password

$ sudo smbpasswd -w 

Check configuration

$ smbclient -L localhost

SID for Samba PDC

$ sudo net getlocalsid

Schema for LDAP

/usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz

Add Users