Samba4 has a number of new server roles, lets talk about what they do. Also, keep in mind that if you want to change the role it's a good idea to re-provision.
This makes your Samba4 server behave based on the configuration of the security setting. The security setting will be interpreted as it was in Samba3. The options are: auto, user, domain, ads
# provision \ --domain=edoceo.lan \ --adminpass=t00_easy \ --server-role=auto \ --use-ntvfs \
We still got errors in the logs, like this:
task_server_terminate: [Cannot start Winbind (standalone configuration): Failed to find record for BORON in /var/lib/samba/private/secrets.ldb: No such object: (null): Have you provisioned this server (BORON) or changed it's name?]
standalone | standalone server
This one can run by itself or it can join and participate a Windows Domain. This option also can be used with map to guest to create an open file and print server.
member | member server
This one must be joined into an existing Windows Domain (which could also be Samba3 or Samba4 based). Need to have the encrypted passwords = yes, can map with Winbind.
classic primary domain controller
Run Samba4 like it's a NT4/Samba3 Domain Controller.
netbios backup domain controller
Runs a classic Samba backup domain controller, providing domain logon services to Windows and Samba clients of an NT4-like domain. Useful for a redundant logon service.
active directory domain controller | domain controller | dc
The big-daddy, Active Directory Domain Controller providing logon services for WindowsXP through Windows8.
# provision \ --domain=edoceo \ --realm=edoceo.lan \ --adminpass='Pass1234' \ --server-role=dc \ --dns-backend=NONE \ --use-ntvfs