Logon name > 20 characters
 




IT Certification FAQ
 
|
Home
 |
Microsoft
 |
CISCO
 |
CompTIA
 |
Exam/Study FAQ
 |
Employment FAQ
 | Links  | Forums  |
Book Reviews


FAQFAQ  SearchSearch  MemberlistMemberlist  UsergroupsUsergroups  RegisterRegister  ProfileProfile  Log in to check your private messagesPrivate messages  Log inLog in

Logon name > 20 characters

 
Post new topic   Reply to topic    Forum Index -> microsoft.public.windows.server.active_directory
Author Message
bearlyworking
Guest
PostPosted: Sat Sep 29, 2007 1:01 am    Post subject: Logon name > 20 characters Reply with quote
Does windows support logon names longer than 20 characters?

I am unable to logon with a greater than 20 character username.

We are running a win2k3 native domain with 2k and XP clients.

We are planning on changing our naming convention (due to an extra 35k
accounts)

thanks
BW
Back to top
Richard Mueller [MVP]
Guest
PostPosted: Sat Sep 29, 2007 1:01 am    Post subject: Re: Logon name > 20 characters Reply with quote
The entire area of names is very confusing in AD. When you create a user
with the GUI in ADUC:

1. You enter first name, middle initial, and last name. These become the
values of the "givenName", "initials", and "sn" attributes of the user
object.
2. The GUI fills in the "Full name" field, although you can alter it. This
is the "cn" attribute (Common Name). It also becomes the "Display Name" in
ADUC, which is the value of the "displayName" attribute.
3. You fill in a field labeled "User logon name". This is the
"userPrincipalName" (with the suffix in the next box in the form
@MyDomain.com).
4. The GUI fills in the "pre-Windows 2000" name, which is the
"sAMAccountName" attribute.

In ADUC the field labeled "Name" is the Common Name of the user (the value
of the "cn" attribute).

Although the sAMAccountName is limited to 20 characters, the
userPrincipalName and cn attributes can be over 100 characters. You can
logon with either userPrincipalName or sAMAccountName. If you key in a value
over 20 characters for userPrincipalName in the GUI when you create the
user, the sAMAccountName value is cut off after the first 20 characters. You
can also modify these values in ADUC after the user is created, on the
Account Tab. The userPrincipalName is labeled "User logon name" and
sAMAccountName is labeled "User logon name (pre-Windows 2000)".

sAMAccountName and userPrincipalName each must be unique in the domain. The
Common Name must be unique in the container or OU.

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--

"bearlyworking" <bearlyworking@discussions.microsoft.com> wrote in message
news:CFE2B171-01C7-4F2C-8222-F22011D8FE4A@microsoft.com...
Quote:
So the samaccount name is the name a user types in on their win2k\xp user
logon screen,correct?

In ADUC when you create an account there is 2 fields for logon name.
User logon name and then the pre-2k logon name.
So are both fields limited to 20?
If user logon name is not limited to 20 can we use that to logon with?


We are using clients 2000 SP4 and newer so we don't need to use the pre-2k
name.

WRT to the naming change.
A commitee (with no techs on it..typical) decided to change the naming
convention to firstname_lastname to fit a new portal software
implemention.


Thanks a bunch for the replies.
BW


"Richard Mueller [MVP]" wrote:

BW wrote:

Does windows support logon names longer than 20 characters?

I am unable to logon with a greater than 20 character username.

We are running a win2k3 native domain with 2k and XP clients.

We are planning on changing our naming convention (due to an extra 35k
accounts)

You cannot assign a string longer than 20 characters to the
sAMAccountName
attribute of a user object (pre-Windows 2000 logon name). The Common Name
(value of the cn attribute) can be much longer. The User Logon Name
(userPrincipalName) can also be longer (over 100 characters).

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--


Back to top
Richard Mueller [MVP]
Guest
PostPosted: Sat Sep 29, 2007 1:01 am    Post subject: Re: Logon name > 20 characters Reply with quote
BW wrote:

Quote:
Does windows support logon names longer than 20 characters?

I am unable to logon with a greater than 20 character username.

We are running a win2k3 native domain with 2k and XP clients.

We are planning on changing our naming convention (due to an extra 35k
accounts)

You cannot assign a string longer than 20 characters to the sAMAccountName
attribute of a user object (pre-Windows 2000 logon name). The Common Name
(value of the cn attribute) can be much longer. The User Logon Name
(userPrincipalName) can also be longer (over 100 characters).

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--
Back to top
Lanwench [MVP - Exchange]
Guest
PostPosted: Sat Sep 29, 2007 1:01 am    Post subject: Re: Logon name > 20 characters Reply with quote
bearlyworking <bearlyworking@discussions.microsoft.com> wrote:
Quote:
Does windows support logon names longer than 20 characters?

I am unable to logon with a greater than 20 character username.

We are running a win2k3 native domain with 2k and XP clients.

We are planning on changing our naming convention (due to an extra 35k
accounts)

thanks
BW

Just curious as to why you'd *want* it....who would want to type in that
much every time they logged in? Come up with a standardized naming
convention for your whole company, such as
first initial surname
first initial, middle initial, first fourletters of surname.
Etc.

If you end up with two Jane Mary Smiths, one of them can be jmsmi2 . You get
the drift!
Back to top
bearlyworking
Guest
PostPosted: Sat Sep 29, 2007 1:01 am    Post subject: Re: Logon name > 20 characters Reply with quote
So the samaccount name is the name a user types in on their win2k\xp user
logon screen,correct?

In ADUC when you create an account there is 2 fields for logon name.
User logon name and then the pre-2k logon name.
So are both fields limited to 20?
If user logon name is not limited to 20 can we use that to logon with?


We are using clients 2000 SP4 and newer so we don't need to use the pre-2k
name.

WRT to the naming change.
A commitee (with no techs on it..typical) decided to change the naming
convention to firstname_lastname to fit a new portal software implemention.


Thanks a bunch for the replies.
BW


"Richard Mueller [MVP]" wrote:

Quote:
BW wrote:

Does windows support logon names longer than 20 characters?

I am unable to logon with a greater than 20 character username.

We are running a win2k3 native domain with 2k and XP clients.

We are planning on changing our naming convention (due to an extra 35k
accounts)

You cannot assign a string longer than 20 characters to the sAMAccountName
attribute of a user object (pre-Windows 2000 logon name). The Common Name
(value of the cn attribute) can be much longer. The User Logon Name
(userPrincipalName) can also be longer (over 100 characters).

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--


Back to top
Display posts from previous:   
Post new topic   Reply to topic    Forum Index -> microsoft.public.windows.server.active_directory All times are GMT
Page 1 of 1

 

Copyright © 2002-2006 Web-S-Sense Pty. Ltd. All rights reserved.

Powered by phpBB
Advertising | Policies/Disclaimers | Contact us | Link to us

Featured Sites: Free Antivirus and Antispyware Info | Free PC Support | MCSE Directory