The process of creating a share on Samba AD DC is a very simple task. First create a directory you want to share via SMB protocol and add the below permissions on the filesystem in order to allow a Windows AD DC admin acount to modify the share permissions accordingly to what permissions Windows clients should see.
Assuming that the new file share on the AD DC would be the /nas directory, run the below commands to assign the correct permissions.
User sunkid at the InsanelyMac forums put together a shell script that, when run, automates all the steps I detailed in the previous post. A couple of the steps from my previous guide remain the same, so I'll include those steps as-is below. Starting at step three, you'll notice some changes.
This tutorial will guide you on how to create a shared directory on Samba AD DC system, map this Shared Volume to Windows clients integrated into the domain via GPO and manage share permissions from Windows domain controller perspective.. It will also cover how to access and mount the file share from a Linux machine enrolled into domain using a Samba4 domain account.