Need help algorithm rid base error!

Marcelo Felipe mfelipe at victoria.com.ar
Wed Dec 1 19:50:24 MST 2010 

Dearest, I've been having this error for a long time now, every time I 
try to add a machine to the domain. I've searched all the web, forums 
and I couldn't find it. There's a lot of people with the same problem, 
and we can't find an answer.

I had this problem once when I updated Samba 3 on SuSe SLES9, now I'm 
working under Linux Debian Lenny 5, and we transferred the database to 
LDAP (people, machines, groups) and the problem started again.

We need a solution since we can't establish the Algorithmic rid base by 
default and register all the users and join all the machines once by one 
because it'll take months of work.

Could you tell me where the problem is and give me some kind of help or 
explanation about how to solve this?

The error is:

[2010/12/01 23:03:34,  0] passdb/pdb_interface.c:pdb_new_rid(1063)
   'algorithmic rid base' is set but a passdb backend without 
algorithmic RIDs is chosen.
   Please map all used groups using 'net groupmap add', set the maximum 
used RID using
   'net setmaxrid' and remove the parameter
[2010/12/01 23:03:48,  0] passdb/pdb_interface.c:pdb_new_rid(1063)
   'algorithmic rid base' is set but a passdb backend without 
algorithmic RIDs is chosen.
   Please map all used groups using 'net groupmap add', set the maximum 
used RID using
   'net setmaxrid' and remove the parameter

Samba setting is:

[global]
    workgroup = CASVTEST
    wins support = no
    security = user
    domain logons = no
    domain master = no
    preferred master = no
    interfaces = lo eth0 eth0:0
    bind interfaces only = yes
    os level = 2
    algorithmic rid base = 15000

# Parametros LDAP

    passdb backend = ldapsam:ldap://localhost
    ldapssl = off
    ldap admin dn = cn=admin,dc=victoria,dc=com,dc=ar
    ldap suffix = dc=victoria,dc=com,dc=ar
    ldap group suffix = ou=group
    ldap user suffix = ou=people
    ldap machine suffix = ou=computers
    ldap passwd sync = yes

    encrypt passwords = true
    obey pam restrictions = yes
    passwd program = /usr/bin/passwd %u
    passwd chat = *Enter\snew\s*\spassword:* %n\n 
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    pam password change = yes
    logon path =
    logon drive = H:
    logon home =
    logon script =
    printing = cups
    printcap name = cups
    socket options = SO_RCVBUF=8192 SO_SNDBUF=8192 TCP_NODELAY
;  message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    dns proxy = no
    max log size = 1000
    syslog only = no
    syslog = 0
    panic action = /usr/share/samba/panic-action %d
    client ntlmv2 auth = yes

# Clientes Win2000+ y win9x

    lanman auth = yes
    ntlm auth = Yes

# Setup scripting IDEALX

    add user script = /usr/sbin/smbldap-useradd -m "%u"
    delete user script = /usr/sbin/smbldap-userdel "%u"
    add machine script = /usr/sbin/smbldap-useradd -w "%u"
    add group script = /usr/sbin/smbldap-groupadd -p "%g"
    delete group script = /usr/sbin/smbldap-groupdel "%g"
    add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
    delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
    set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u


Samba's details in LDAP base are, e.g.:


Kindly yours,

More information about the samba-technical mailing list