3.1.1.9.2.2 Non-DC Configuration

The following steps are used to generate a unique RID on a non-DC configuration.

  1. The server MUST generate a 32-bit integer value subject to all of the following constraints:

    1. The value MUST be greater than or equal to 1000.

    2. Any value chosen by this algorithm that is successfully committed in a transaction MUST NOT ever be used again for objectSid generation within the current domain.

  2. If the constraints in step 1 cannot be satisfied, the server MUST abort processing and return an error status.