Computer systems typically include two or more computers networked together to allow the sharing of applications, resources, services and information by a number of users. Applications running in this de-centralized environment need information about the system from time to time, including, for example, information about users, host name resolution, passwords, and file locations. Typically, a network service known as a “directory service” (or “name service”) is used to store, maintain, and provide this information to clients of the system. A directory service typically keeps track of resources on a network and makes this information available to users and applications. For example, when a user logs on, the login program on the local computer may communicate with the directory service to check the user's username, password and other authentication information. The local computer may further communicate with the directory service to obtain information about the user's permissions in the network.
Typically, a directory service includes a database where the directory data is stored, as well as programs for administering the database and programs for communicating with client applications. The directory service may be implemented on one or more servers on the network.
A directory service that utilizes multiple master servers may be implemented in what is known as a loosely coupled distributed environment. In such a system, each server independently creates and modifies entries of the directory service independent of the other servers. The data is later replicated and synchronized among the master servers of the directory service.
To keep track of users and groups of users who are members of the directory service, it is helpful for the directory service to assign each user and each group a unique numeric identifier. For example, in the well known POSIX directory service schema of UNIX, users and groups of users are assigned a unique numeric identifier for each user and group.
Unfortunately, in a loosely coupled directory service (i.e., a service with including multiple masters), it is difficult to guarantee the uniqueness of any numeric identifier assignment. For example, two master servers may assign the same number to different entities without realizing there is a conflict because data will be synchronized after the conflicting assignments have been made. Known systems attempt to resolve conflicts by using timestamps and simple conflict resolution rules. However, many situations require manual intervention of a system administrator to resolve a conflict. Accordingly, most loosely coupled directory services require the system administrator to manually assign numeric identifiers to users and groups.
It would therefore be desirable to provide methods and systems that assist the user in assigning unique numeric identifiers to users and groups associated with a loosely coupled multi-master directory service.