we have to move to a full ldap environment.. but IIRC samba4 is on the to-do list too, so we can't simply think to move to openldap..
all the user/groups/ibays/$whatever entity must be reworked thinking in a Samba4 perspective, so it's a quite big chunck of work..