We are accessing the files inside the Samba server. Samba is configured for a workgroup. There's no Active Directory, only local accounts maintained with
smbpasswd. When staff are in the office on the same network as the Samba server, they access their files through mapped drives.
When staff are out of the office, they use WebDrive on Windows to access their files on the Samba server through ownCloud. We're using external storage in ownCloud to provide access to the Samba shares. All of the shares are set to authentication:
Log-in credentials, save in session, so no passwords are saved in the external storage configuration.
OC_User_SMB lets us maintain one password for each user. Any user that has a Samba account gets an ownCloud account, the first time they sign on to ownCloud. When a user changes their Samba password, they are effectively changing their ownCloud password at the same time.
We're slowly transitioning to direct storage in ownCloud and the desktop client, but that's going to take time.
The short version:
OC_User_SMB gives us authentication like LDAP even though our Samba server doesn't support LDAP.