[Freeipa-users] UID splitting policy and running out.
Dmitri Pal
dpal at redhat.com
Tue Oct 2 21:55:46 UTC 2012
On 10/02/2012 05:41 PM, Steven Jones wrote:
> Hi,
>
> I just found that I had runout of UIDS when doing a winsync agreement.
>
> >From my understanding when you add a replica it takes 1/2 of the master's UIDs block...so a 2nd replica takes 1/2 of that again?
>
> In my case I rebuilt the replica's several times and the Master ended up with only 2500 UIDs left...
>
> When I did a winsync then it wasnt happy.
>
> I'd suggest that as part of the winsync setup a ldapsearch is done to make sure there are plenty left and allocate more if need be ....unless its a virgin setup....but a large site with say 2 replicas would leave 25000 UIDs on the master? not unusual for AD's to have 25000+ users I'd suggest. (we have about 21000).
>
> or did I do something wrong?
The ranges are 200K wide as far as I remember so if you tried to sync
and delete 10 times then you might have in fact depleted your range. But
this is a not production environment situation. At this state it would
be wise to start over with the clean staging environment.
And you can also add more ranges if you hit this in production.
See
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/Identity_Management_Guide/index.html#Managing-Unique_UID_and_GID_Attributes
for more info.
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list