While I agree that deleting user accounts and the associated Identifiers has more downsides than upsides, VMS does not normally reuse the same value for a general identifier.
That is, if you issue a commands like
$ mcr authorize show /id testid /ful
%UAF-E-SHOWERR, unable to complete SHOW command
-SYSTEM-F-NOSUCHID, unknown rights identifier
$ mcr authorize add /id testid
%UAF-I-RDBADDMSG, identifier TESTID value %X800100CB added to rights database
$ mcr authorize rem /id testid
%UAF-I-RDBREMMSG, identifier TESTID value %X800100CB removed from rights database
$ mcr authorize add /id testid
%UAF-I-RDBADDMSG, identifier TESTID value %X800100CC added to rights database
$
The "next" value to be assigned to an identifier is kept in the RIGHTSLIST record with key value $$MAINTENANCE_RECORD. AUTHORIZE will attempt to use the value in the last 8 bytes of the $$MAINTENANCE_RECORD, and if that is already in use, it will keep incrementing until if gets to an unused value, and will then update the record with the next highest value.
I am not aware of any way to reset the value other than rewriting the $$MAINTENANCE_RECORD, i.e. it won't happen by accident.
Stock VMS does not remember what UICs have been used, at if it does, I am not aware of where it does. We have a command procedure we use to create new accounts, and each group has a template account, and we store the HEX value of the next UIC in the /owner field, just so we don't reuse UICs.
++++++++++++++++++++++++++++++++++++++++++++
Blue Sky mode on:
I wish each disk had a reserved file like [000000]RIGHTSLIST.SYS that contained the set of identifiers that were used on the disk, and this could be optional like QUOTA.SYS is for people that didn't want it.
Then when a volume was mounted, a consistency check could be done against the current RIGHTSLIST on the system, and if there were conflicts, it could refuse to mount the disk unless something like /override=rightslist_processing was specified. An anal/disk/repair would rebuild the file from the UICs and Identifiers found on the disk and the current RIGHTSLIST.DAT file.
The reason for such a check is to avoid accidentally granting ownership or access to files on the volume.
it depends
