Install PowerBroker Identity Services from their website. I personally only install the the pbis-open.deb and pbis-open_upgrade.deb.

Prerequisites:


sudo apt-get install samba samba-common

You are going to get an error about PAM conflicts with likewise. Just ignore and go on.


sudo /opt/pbis/bin/domainjoin-cli join domain.fqdn username
sudo /opt/pbis/bin/config AssumeDefaultDomain 1
sudo /opt/pbis/bin/config UserDomainPrefix DOMAIN
sudo /opt/pbis/bin/config RequireMembershipOf DOMAIN\\group1 DOMAIN\\group2
sudo /opt/pbis/bin/config LoginShellTemplate /bin/bash
sudo /opt/pbis/bin/samba-interop-install --install
sudo nano /etc/samba/smb.conf

[global]
        security = ADS
        workgroup = DOMAIN
        realm = DOMAIN.FQDN
        machine password timeout = 0
        log file = /var/log/samba/log.%m
#       log level = 2
        Kerberos method = dedicated keytab
        dedicated keytab file = /etc/krb5.keytab

[share]
        writeable = yes
        create mode = 777
        path = /share
        directory mode = 777
        valid users = @DOMAIN\groupname

sudo service smbd restart

Should work!