Install SAMBA and make sure that you also install the client packages and winbind.
Create an smb.conf like this:
[global]
#-----------------#
# Naming settings #
#-----------------#
workgroup = EXAMPLE.COM
server string = SMB server
netbios name = FS01
os level = 44
#------------#
# Networking #
#------------#
interfaces = 127.0.0.0/8 eth0
bind interfaces only = yes
name resolve order = host
disable netbios = yes
smb ports = 445
domain logons = Yes
preferred master = Yes
domain master = Yes
#-------------------#
# Kerberos Settings #
#-------------------#
security = ADS
realm = EXAMPLE.COM
#-------------------#
# Security Settings #
#-------------------#
encrypt passwords = yes
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
#---------#
# Logging #
#---------#
log level = 3 auth:10
log file = /var/log/samba/%m.log
max log size = 10000
syslog = 0

[homes]
comment = Home Directories
browseable = no
writeable = yes
force create mode = 0660
force directory mode = 0770
Create a machine trust for our CIFS server. Run this on the Kerberos host:
kadmin.local addprinc cifs/fs01.example.com
Add the password you set for the cifs/fs01.example.com principal to the secrets.tdb file (this is the machine trust account password):
net changesecretpw -f
If you later get an error message like:
ads_secrets_verify_ticket: failed to fetch machine password
in your machine log file, it means that the passwords in Kerberos and in the secrets.tdb file are out of sync. Also note that the password is stored in plain text in the secrets.tdb file, so make sure this file is very secure (chmod 600).
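The two pitfalls just mentioned can be checked from a script. The following is an added example, not part of the original how-to: it verifies that secrets.tdb is root-only with mode 600, and it counts how often the out-of-sync message appears in a per-machine log. The secrets.tdb path is an assumed default (override it with SECRETS_TDB=...), and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example, not part of the original how-to. Two checks for the two
# pitfalls noted above: secrets.tdb holds the machine trust password in plain
# text, so it must be root-only (mode 600); and a Kerberos/secrets.tdb password
# mismatch shows up in the per-machine log as the message below.

# Assumed default location of secrets.tdb; override with SECRETS_TDB=... if your build differs.
SECRETS_TDB="${SECRETS_TDB:-/var/lib/samba/private/secrets.tdb}"
MISMATCH_MSG='ads_secrets_verify_ticket: failed to fetch machine password'

# Returns 0 when FILE exists, is mode 600 and is owned by OWNER (default root); 1 otherwise.
check_secrets_perms() {
    f="$1"; want_owner="${2:-root}"
    [ -f "$f" ] || { echo "missing: $f"; return 1; }
    # GNU stat first, BSD stat as a fallback.
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
    owner=$(stat -c '%U' "$f" 2>/dev/null || stat -f '%Su' "$f")
    if [ "$mode" = "600" ] && [ "$owner" = "$want_owner" ]; then
        return 0
    fi
    echo "insecure: $f is owner=$owner mode=$mode (want $want_owner 600)"
    return 1
}

# Prints how many lines of LOG carry the out-of-sync message (0 when none); always returns 0.
count_secret_mismatch() {
    grep -c "$MISMATCH_MSG" "$1" || true
}

# Writes a constructed sample of a Samba per-machine log and prints its path.
make_sample_log() {
    t=$(mktemp)
    cat >"$t" <<'EOF'
[2024/05/01 09:12:01,  3] smbd: connection from client
[2024/05/01 09:12:01, 10] ads_secrets_verify_ticket: failed to fetch machine password
[2024/05/01 09:12:05,  3] smbd: connection from client
[2024/05/01 09:12:05, 10] ads_secrets_verify_ticket: failed to fetch machine password
EOF
    echo "$t"
}

# Demo run: the constructed log first, then the live secrets.tdb path.
demo_log=$(make_sample_log)
echo "out-of-sync errors in sample log: $(count_secret_mismatch "$demo_log")"
rm -f "$demo_log"
check_secrets_perms "$SECRETS_TDB" && echo "secrets.tdb permissions OK"
```

On a live server, point count_secret_mismatch at the /var/log/samba/%m.log file of the client that failed to connect.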
Create the home directory for our user:
mkdir /home/testuser
chown testuser:Domain\ Users /home/testuser/
Test the configuration parameters in the smb.conf file:
testparm
Then start the Samba services. Note that on Red Hat machines nmbd is started automatically, so if you do not want nmbd (which, as said above, we do not, since NetBIOS is disabled), comment out the corresponding lines in /etc/init.d/smb.
service smb start
service winbind start
Check network connectivity:
net lookup ldap
This should return the IP address of the LDAP server and its port number.
Check the domain SIDs. SAMBA should have created its own machine domain SID and should have read the domain SID from LDAP:
net lookup name EXAMPLE.COM
net lookup name LARIX
This should return the SIDs.
Check to see if the user SIDs are there and correct:
net usersidlist
This should return testuser and nobody.
If all the above is fine, we should be able to connect to our file server with kerberos:
kinit testuser
smbclient -L fs01.example.com -N
This is an anonymous logon check, just to see if we can list the shares available on the server.
List the services available on our server as user testuser using our kerberos ticket:
smbclient -U testuser -L fs01.example.com -k
Connect to a share using our kerberos ticket:
smbclient -U testuser //fs01.example.com/testuser -k
With ls you should be able to view the contents of the share. With put you can transfer a file from your local system to the remote one. smbclient behaves much like an FTP client, so if you are familiar with FTP, do as you like to test the share. ? will give you an overview of the available commands. quit closes the connection.