[Samba] UNIX attribute UID no longer increments with RSAT

lingpanda101 at gmail.com lingpanda101 at gmail.com
Mon Aug 8 13:52:52 UTC 2016

On 8/8/2016 9:32 AM, Rowland Penny wrote:
> On Mon, 8 Aug 2016 08:52:39 -0400
> "lingpanda101 at gmail.com" <lingpanda101 at gmail.com> wrote:
>> Hello,
>>       I'm using rfc2307 to enable Unix attributes on my DC's. Recently
>> when adding a user and attempting to add a UID with the RSAT, I
>> receiving the following error.
>> 'Duplicate UID. Assign a uniqueUID.'
>> How do I list all users and their UID? I tried using 'pdbedit' and
>> wbinfo. Pdbedit appears to list the XID's and wbinfo needs me to
>> specify a user name. I need to confirm all users have a unique UID
>> before moving forward to troubleshoot this issue. Thanks.
> What version of windows is this ?
> When you used to add a uidNumber with the UNIX Attributes tab, the last
> uid used was stored in an attribute in AD, this attribute was created
> if it didn't exist, has windows stopped doing this ?
> The attribute in question is 'msSFU30MaxUidNumber' (there is another
> one for groups 'msSFU30MaxGidNumber') and this is stored in the AD
> object to be found at:
> CN=<Your
> lowercase
> NETBios
> domain
> name>,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=your,DC=dns,DC=domain
> Rowland

This is with Windows 7.

I found the issue. I have another admin who creates users in AD. This 
user did not have the proper permissions to update this attribute with 
RSAT. I can't recall the error they received, but it mentioned not 
having permissions to update this field( I will get so as to post and 
update in this thread). Event though they were advised they do not have 
permissions, the UID was updated in Samba anyways(Possible security 
bug?). I verified it was in samba by using wbinfo.

To correct the issue, I manually incremented the new users UID to the 
next available one in Samba. This allowed RSAT to automatically 
increment the UID on a subsequent user I tested on.


More information about the samba mailing list