This is part of a write-up of an attempt to use Linux as a "Small Business Server", and describes Samba configuration where Samba is used as Domain Controller. This is an extension to Samba as a simple File Server. Note that that you can also join a samba file server as a member server to an active directory domain, i.e. using active Directory users without the samba server itself being the domain controller.
Samba can behave as an NT4-style domain controller, which allows you to centralize user accounts on 1 server (PDC, Primary Domain Controller). This is done entirely in smb.conf, the samba configuration file, and not so different from merely setting up a simple file server. See, for instance, Samba NT Domain Controller
To add some typical "Domain" features such as a logon script, romaing profiles, etc, look at this chapter from a book on Samba,courtesy of O'Reilly.
Will probably be implemented in Samba v.4. Here's some preliminary documentation :
miru directory server, Novell developer wiki
Configure Ubuntu for Active Directory Authentication, Novell developer wiki
Samba 4 Documentation, Samba Docs, unfinished
start the creation of a kerberos realm by running krb5_newrealm. Refer to the kerberos administartion guide.
Kerberos does not necessarily need to run on the same machine as the samba server. In fact, it might not be such a good idea to have your main authentication service running on file server - but it is possible, especially if you only have 1 server. Likewise, the administration server and the kerberos Key Distribution Center(s) can each be on separate machines.
install debian/ubuntu packages : krb5-admin-server, krb5-kdc.