Bug 9960 - Half used RID pool causes new pool allocation per RID
Summary: Half used RID pool causes new pool allocation per RID
Status: RESOLVED DUPLICATE of bug 10014
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.0.6
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
Depends on:
Reported: 2013-06-20 01:29 UTC by CS
Modified: 2013-07-13 07:33 UTC (History)
2 users (show)

See Also:

Possible fix? (1.04 KB, patch)
2013-06-20 01:34 UTC, CS
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description CS 2013-06-20 01:29:07 UTC
When half of the RIDs in a pool are allocated (default=500), every subsequent RID allocation also causes a new RID pool allocation and the RID values jump by 124501.

This has a few side effects:
1) Reduces life expectancy of the domain since only a finite number of RIDs can be allocated.
2) Creates some additional overhead of allocating RIDs on each RID allocation.
3) Reduces the number of domains sssd's AD integration can handle (see "slices" http://jhrozek.fedorapeople.org/sssd/1.9.0/man/sssd-ad.5.html)
Comment 1 CS 2013-06-20 01:34:17 UTC
Created attachment 8986 [details]
Possible fix?
Comment 2 CS 2013-06-20 01:48:21 UTC
How to reproduce

In a new instance, create over one RID pool of accounts accounts:
while [ $j -le 500 ]; do
	/usr/local/samba/bin/samba-tool user add user_$x Password123
	j=$(( $j + 1 ))

List the RID numbers used, noting the 124501 spike:
/usr/local/samba/bin/ldbsearch -H /usr/local/samba/private/sam.ldb '(cn=user_*)' objectSid|grep objectSid | awk -F- '{print $8}'|sort -n
Comment 3 Stefan Metzmacher 2013-07-13 07:33:58 UTC

*** This bug has been marked as a duplicate of bug 10014 ***