[sparks-discuss] Active Directory name service module (nss_ad) [PSARC/2008/441 FastTrack timeout 07/18/2008]
Mike Gerdts
mgerdts at gmail.com
Fri Jul 11 19:37:41 PDT 2008
On Fri, Jul 11, 2008 at 4:53 PM, Nicolas Williams
<nw141292 at sac.sfbay.sun.com> wrote:
> o Unix username (pw_name, sp_namp) is taken from the value of the
> "samAccountName" AD attribute of the user object, qualified with
> the name of the domain in which that object resides (e.g.,
> "foo at example").
If the AD samAccountName does not conform to traditional UNIX account
naming semantics, how is this handled? As of snv_91, passwd(4)
indicates that warnings will be issued when usernames that don't
adhere to the UNIX tradition are encountered. Would this proposal
relax the limitations documented in passwd(4) or would only a subset
of valid AD usernames be supported?
For instance, AD and Windows allow samAccountName to contain a string
that looks like a 9-digit number. While a 9-digit number as a
username works in Solaris (at least as far back as Solaris 8) with
very few real issues, it has been an unsupported username from the
standpoint of Sun and some ISV's that provide software on Solaris.
--
Mike Gerdts
http://mgerdts.blogspot.com/
More information about the opensolaris-arc
mailing list