We use openLDAP for central user/group authentication.

the base configuration of LDAP is as follows :

dn: dc=visielab,dc=be
objectClass: top
objectClass: dcObject
objectClass: organization
o: uantwerpen
dc: visielab
structuralObjectClass: organization

dn: cn=admin,dc=visielab,dc=be
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9emdJcVpQUW1RUmYrNVRvZmp1K2o4SEZrWnk5NFovQjI=
structuralObjectClass: organizationalRole

dn: ou=People,dc=visielab,dc=be
objectClass: organizationalUnit
ou: People
structuralObjectClass: organizationalUnit
entryUUID: 2c2dcb08-ba3b-1037-8cb5-05243b87b858

dn: ou=Groups,dc=visielab,dc=be
objectClass: organizationalUnit
ou: Groups
structuralObjectClass: organizationalUnit

The password for the LDAP administrator is •••••••••• The backend used for openLDAP is mdb. The database is in the directory /var/lib/ldap/.
The configuration of the ldap server can be found here → /etc/ldap . Extra schema's have been added, for autofs and samba. I followed this excellent howtoo → https://help.ubuntu.com/lts/serverguide/samba-ldap.html
Don't forget to install the smbldap-tools ! These will be used to add users, groups, modify passwords, shells, etc. They act on the samba accounts as well as the unix accounts at the same time.