s4: rid pool and other provision fixes

Stefan (metze) Metzmacher metze at samba.org
Fri Jun 25 07:36:06 MDT 2010

Hi Tridge,

> The local dc account get the value of nextRid and the intial
> rIDAvailablePool starts
> with nextRid + x + 100. x was 0 in my dcpromo with a local rid counter
> of 500000.
> I'll test more combinations...
> I'm wondering why x is 1 in some cases and the rIDAvailablePool starts
> at 1101 when nextRid was 1000,
> instead of starting with 1100. Maybe it depends on the functional level.

I've done some testing with a w2k8r2 server and commpared dcpromo with
function levels (forest/domain) 4/4, 3/3, 2/2 and 0/0.

And x is always 0, but I found that we need to create the RID Set for the
local dc in provision, instead of runtime (when the first account is

dcpromo sets the rIDNextRID to lowest value of rIDPreviousAllocationPool.

And as rIDNextRID is not the rid of the next user, but the rid of the
last user,
the first user gets rIDNextRID + 1, which is 1101 in most cases.

I also noticed that rIDUsedPool is never updated on a w2k8r2 server (at
least if it's
the rid master itself).

The changes can be found here:

If they're no objections I've planed to push this changes tomorrow if
make test doesn't show
any additional errors.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100625/2ad411cb/attachment.pgp>

More information about the samba-technical mailing list