Hello,
I have the same setup but without samba. Maybe my example config is a hint for you.
Type: ldap
Hostname/IP: dc.example.tld
Port: 7636
Transport: SSL
Peer Cert: ucs-ca -> (you have to import it from the dc)
Proto: 3
Bind Creds: uid=opnse,cn=Users,dc=example,dc=tld -> (create a bind user in ucs)
Pass: xxx
Search Scope: One Level
Base: dc=example,dc=tld
Auth Container: cn=Users,dc=example,dc=tld
Ext Query: memberOf=cn=opn,cn=Groups,dc=example,dc=tld -> (I use the memberOf Attribute, create a group)
User Naming: uid
Hope it helps