So let’s say you want to know how many objects are created on a domain controller, you want to see shen it’s receiving a new RID pool?
checkout the RID-SET
Set ObjRid= GetObject (“LDAP://CN=RID Set,CN=DC01,OU=Domain Controllers,DC=fabrikam,DC=com”)
it lists all the properties that the LOCAL! DC uses to handout RID numbers.. if the rIDPreviousAllocationPool and rIDAllocationPool are the same, the server is still on it’s initial RID pool.. but that can also be viewed by looking at the creation and modification date offcourse (whenCreated, whenChanged)
Putting:
Set ObjRid= GetObject (“LDAP://CN=RID Set,CN=NLDATADC04,OU=Domain Controllers,DC=intra,DC=NUMICO,DC=NET”)
intRidNumber=objrid.rIDNextRID
wscript.echo “Rid Number:” & intRidNumber
in a script will give you the next RID number.. but that is PER domain controller!
(UPDATE: It is not the nextRID being given out.. it’s the last used RID: MS docs are going to be updated)
The large number must be splitted, (for example in LDP Large Integer Converter). Low=number of given out SID’s to all DC’s (per 500) and high number is top of the RID pool.
Just for fun 🙂