Install PowerBroker Identity Services from their website. I personally only install the the pbis-open.deb and pbis-open_upgrade.deb.
Prerequisites:
sudo apt-get install samba samba-common
You are going to get an error about PAM conflicts with likewise. Just ignore and go on.
sudo /opt/pbis/bin/domainjoin-cli join domain.fqdn username
sudo /opt/pbis/bin/config AssumeDefaultDomain 1
sudo /opt/pbis/bin/config UserDomainPrefix DOMAIN
sudo /opt/pbis/bin/config RequireMembershipOf DOMAIN\\group1 DOMAIN\\group2
sudo /opt/pbis/bin/config LoginShellTemplate /bin/bash
sudo /opt/pbis/bin/samba-interop-install --install
sudo nano /etc/samba/smb.conf
[global]
security = ADS
workgroup = DOMAIN
realm = DOMAIN.FQDN
machine password timeout = 0
log file = /var/log/samba/log.%m
# log level = 2
Kerberos method = dedicated keytab
dedicated keytab file = /etc/krb5.keytab
[share]
writeable = yes
create mode = 777
path = /share
directory mode = 777
valid users = @DOMAIN\groupname
sudo service smbd restart
Should work!