[Samba] Allocate RID problem: algorithm vs NextRid

Paweł Dobrosielski pawel at dobrosielski.pl
Sat Aug 14 09:52:58 MDT 2010


Hi,

after looking for some time on the web for a solution to my problem I 
feel really brainwashed and I hope someone here can help me :)

I'm setting up a PDC based on this:
Ubuntu Linux 10.04 LTS
Samba 3.4.7
OpenLDAP backend
smbldap-tools

and I have a problem with RID allocation. Long time ago (before Samba 
3.0.25?) RID was generated this way:
uid * 2 + 1000
gid * 2 + 1001
and it was nice and predictable.

Now, as far as I'm aware of, Samba with LDAP backend don't do that any 
more. It uses sambaNextRid attribute.

I was trying to use smbldap-tools to generate the sambaSAMaccount but I 
was getting those nasty errors like the need of adding machine to domain 
twice and so on... ("A device attached to the system is not functioning" 
- error). I guess it's because Samba was trying to create 
sambaSAMAccount itself. The same error-full effect I got when using 
usermgr.exe from srvtools.exe.


Q1. Is there any way to force Samba+LDAP to use "old style" RID allocation?
Q2. Is there a very important reason NOT to use RID algorithmic allocation?


Pawel
pawel at dobrosielski.pl

ps. I had the same "problem" on Ubuntu 8.04 and Samba 3.0.28a but there 
the old smbpasswd was still using the algorithm method. In 3.4.7 it's 
"fixed" and smbpasswd tool also uses sambaNextRid.




More information about the samba mailing list