Samba is an open source implementation of the SMB (Server Message Block) protocols used to share files. Microsoft uses the SMB protocol in their networking. Samba can be used as a replacement or compatible option to Microsoft clients or servers.
[notes: Anyone wishing to implement LDAP into their samba setup BETTER understand samba already..but I will touch on some very basics along with some issues that deal with the parts of the samba config that will be prerequisites to using LDAP as a backend.]
There are two accounts required for a user to gain access to system resources on a samba server. Both a Samba account and an account that the underlying OS can reference are needed. Samba requires a network user account to handle SMB authentication to the SMB network. The underlying OS uses a POSIX account to verify a users file rights on the local system. The smbpasswd is one place an smb account could be stored while the /etc/passwd file is where the local OS account could be stored. When using LDAP, both the SMB and POSIX account attributes can be stored together in the LDAP account.
There are required accounts and groups in a PDC(make link to glossary!) that are used to administer the network. These accounts and groups must be created for both the SMB and POSIX systems with certain preset values. Much in the same way a POSIX user has a user id, or UID, an SMB user has a SID. Certain RIDs are reserved for use by these administrative accounts and groups. See the list of reserved RIDs.
No matter the backend that you are using to store your samba user data, the following users and groups will need to be created and the appropriate SAMBA RID will need to be set.
| Name | Type | RID |
| Administrator | user | 500 |
| Guest | user | 501 |
| Domain Admins | group | 512 |
| Domain Users | group | 513 |
| Domain Guest | group | 514 |