[Samba] Samba 4.7.9 dbcheck error
Rowland Penny
rpenny at samba.org
Thu Sep 27 08:42:55 UTC 2018
On Thu, 27 Sep 2018 20:26:01 +1200
Andrew Bartlett <abartlet at samba.org> wrote:
> On Thu, 2018-09-27 at 09:04 +0100, Rowland Penny via samba wrote:
> > On Thu, 27 Sep 2018 07:46:40 +0200
> > Daniel Jordan <d.jordan at gfd.de> wrote:
> >
> >
> > >
> > > Hello Andrew and Rowland,
> > >
> > > here's the ldbsearch output from both domain controllers:
> > >
> > >
> > > dc01:~# ldbsearch -H /var/lib/samba/private/sam.ldb
> > > '(&(objectClass=rIDSet)(cn=RID Set))' rIDNextRID
> > > # record 1
> > > dn: CN=RID Set,CN=DC01,OU=Domain Controllers,DC=xx,DC=xx,DC=xx
> > > rIDNextRID: 1495
> > >
> > > # record 2
> > > dn: CN=RID Set,CN=DC02,OU=Domain Controllers,DC=xx,DC=xx,DC=xx
> > > rIDNextRID: 0
> > >
> > >
> > > dc02:~# ldbsearch -H /var/lib/samba/private/sam.ldb
> > > '(&(objectClass=rIDSet)(cn=RID Set))' rIDNextRID
> > > # record 1
> > > dn: CN=RID Set,CN=DC01,OU=Domain Controllers,DC=xx,DC=xx,DC=xx
> > >
> > > # record 2
> > > dn: CN=RID Set,CN=DC02,OU=Domain Controllers,DC=xx,DC=xx,DC=xx
> > > rIDNextRID: 1716
> > >
> > >
> > > hope that helps
> > >
> > > Daniel
> > Well yes an no ;-)
> >
> > You posted this:
> >
> > dc01:~# ldbsearch -H /var/lib/samba/private/sam.ldb
> > '(&(objectClass=rIDSet)(cn=RID Set))' rIDAllocationPool
> > # record 1
> > dn: CN=RID Set,CN=DC01,OU=Domain Controllers,DC=xx,DC=xx,DC=xx
> > rIDAllocationPool: 2100-2599
> >
> > # record 2
> > dn: CN=RID Set,CN=DC02,OU=Domain Controllers,DC=xx,DC=xx,DC=xx
> > rIDAllocationPool: 1600-2099
> >
> > So how has 'rIDNextRID' been set to '1495' on DC01, when the
> > 'rIDAllocationPool' is '2100-2599' ?
> >
> > How are you creating users etc ?
>
> Because the attributes a horribly misnnamed!
>
> From ridalloc.c:
>
>
> /*
> Note: the RID allocation attributes in AD are very badly named. Here
> is what we think they really do:
>
> in RID Set object:
> - rIDPreviousAllocationPool: the pool which a DC is currently
> pulling RIDs from. Managed by client DC
>
> - rIDAllocationPool: the pool that the DC will switch to next,
> when rIDPreviousAllocationPool is exhausted. Managed by RID
> Manager.
>
> - rIDNextRID: the last RID allocated by this DC. Managed by client
> DC
>
> in RID Manager object:
> - rIDAvailablePool: the pool where the RID Manager gets new rID
> pools from when it gets a EXOP_RID_ALLOC getncchanges call (or
> locally when the DC is the RID Manager)
> */
>
> Almost none of them do what you would think they do!
>
> Andrew Bartlett
>
Should have known, this is a like 'msSFU30MaxUidNumber', which doesn't
hold the maximum uidNumber, it holds the next uidNumber to use.
Rowland
More information about the samba
mailing list