[Samba] rid generation questions

steffo76 at gmx.de steffo76 at gmx.de
Tue Sep 6 04:13:04 MDT 2011

Ok, I couldn't find out what sambaAlgorithmicRidBase does but managed to find the source for the RID allocation in pdb_ldap.c where it says:

/* Find the largest of the three attributes "sambaNextRid",
"sambaNextGroupRid" and "sambaNextUserRid". I gave up on the
concept of differentiating between user and group rids, and will
use only "sambaNextRid" in the future. But for compatibility
reasons I look if others have chosen different strategies -- VL */

Looking at the code I can see that it takes the highest of the three values, increments it and the incremented value is the new RID. So the value of sambaNextRid isn't the next RID but the currently highest RID.

Is it safe to use the same strategy if I allocate RIDs via selfmade ldap scripts ? Get the values of all three attributes if they exist, take the highest, increment it in the directory and use the incremented value ? I need to add computer accounts from a server on which I can't (and don't want to) install samba making it impossible to run smbpasswd and would like to allocate the RIDs on my own. Same goes for user accounts which get created via a webmin module. 

Wouldn't it be safer to set sambaNextRid sambaNextGroupRid and sambaNextUserRid all to the same value ? If someone decides to use for instance sambaNextUserRid in the future and relies on the value being correct wouldn't he be reallocating existing RIDs ?
NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
Jetzt informieren: http://www.gmx.net/de/go/freephone

More information about the samba mailing list