Windows File Sharing for Local Network Directory accounts in macOS Mojave

Think of macOS like a unix server. It runs it's own directory service and unless / until you bind it to another directory (like LDAP or NIS or AD) - you get any local account / password only when a SMB share tries to authenticate. It typically allocates user id number 501 to the first user so when a lot of Macs share files, the file server will see all the initial Mac accounts as the "same 501 account"

If you're OK setting up one Mac server - then I would go with Server.app to set up your small number of accounts but this gets unwieldy after a dozen to a few hundred accounts and you'll want to set the Mac to join an external domain. Then you could have people sign in to the shares using that scheme to issue unique ID numbers and accounts to each person to keep things straight.

For the Mac running LDAP/OpenDirectory there are several posts here that apply:

• Authenticate Mac users by LDAP

So - to address the two main points:

1. You don't need to do anything specific to allow SMB sharing permissions - if the account exists on the Mac due to being a local account or part of a directory it subscribes to - shares that allow all users will just work when a correct user/pass is presented from windows SMB clients (or any SMB client for that matter)
2. You can have multiple directories of accounts - the Mac will order them in most preferred to last checked - as long as one user is found in one directory - that user can potentially log in.

Start small with this - you can set up two or three users and test easily. Once you figure out if you want server app or just normal sharing (you might not need server.app) you can find the log files that log errors and quickly suss out when there's a problem in most cases.