Even if wrong from a security point of view, disabling the certificate validity check from Java could ease the things.
Otherwise you could follow the official Samba wiki
Only some paths are different in our installations.
The NSDC container root directory is
/var/lib/machines/nsdc
Append
/var/lib/samba/private
You can modify smb.conf in nsdc manually - it isn’t a template.
The drawback of doing the right thing is remember to renew the certificate!