Our implementation updates the nextRid attribute in the domain entry (eg. dc=windows,dc=samba,dc=org) whenever a RID needs to be allocated. Removing the old value and adding the new one is used to guarantee atomicity.
It is interesting to note that the distributed RID allocation scheme used in Active Directory is patented by Microsoft. This is only useful in a multi-master directory, though. -- Luke -- Luke Howard | PADL Software Pty Ltd | www.padl.com
