apt-get install libpam-ldap libnss-ldap nss-updatedb (make local root database admin NO)

add to your /etc/ldap.conf

pam_filter !(uid=root)
host macosxservername
base cn=users,dc=loopback,dc=org

edit /etc/nsswitch.conf and change the passwd, group, and shadow lines to resemble:

passwd: files ldap
group: files ldap
shadow: files ldap

Have /etc/pam.d/common-account read

account sufficient pam_ldap.so
account required pam_unix.so

Have /etc/pam.d/common-auth read

auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure try_first_pass

Have /etc/pam.d/common-passwd read

password sufficient pam_ldap.so md5
password required pam_unix.so nullok obscure md5
password optional pam_smbpass.so nullok use_authtok try_first_pass missingok

Finally, have /etc/pam.d/common-session read

session sufficient pam_ldap.so
session required pam_unix.so

You should be good to go. Test with a command like:

getent passwd

See https://help.ubuntu.com/community/OSXLDAPClientAuthentication

Mount home directories:

root@ubuntu:~# mkdir /Network/Servers/macoscservername/Users
root@ubuntu:~# mount borg:/Users /Network/Servers/macosxservername/Users