The Samba man pages are good on Samba client integration (especially the wiki with AD.). I found that the most difficult things to get right were associated with Home directory mounts and dependencies. SElinux can be a pain, as can iptables.
To try and contribute I walked though the example I use here and posted it. I have tested with about 20 machines now and they seem to be stable.
Here is a worked example which certainly works with Fedora and should work with Centos. If you find any errors, then please let me know and I will fix them.
Likewise and Centrix are two examples of middleware that does the same job and I think user versions are free. I am not fond of fire and forget software as it can break when you least expect it and you don't know what it did to make the system work. Most of the work they do is associated with the pam stack.
As for file permissions, the linux programmes will translate the file permissions in 'nix terms and the AD serve in terms of NTFS permissions. If you AD server has permissions set so that Joe Bloggs has read access except for the second Tuesday in the month when they can write the second paragraph in every document (say!). I am not sure that you will be able to necessarily get that working under samba. However, in that respect IANAE.
