On 09/05/2017 06:01 PM, Yves Bellefeuille wrote:> FHDATA wrote: > >> some users' login fails since they type upper >> case for their user ids ,etc ... > Wouldn't it be better to explain to the users that the userid is case > sensitive? You probably don't want a system where Fhdata, FHData and > FHDATA are all possible and are different users. >Normally, it's a failure to respond to a technical question by instead telling someone how to administer their system(s) or recommending different software. But in this instance I have to agree with Yves. For even if you, fhdata, were to successfully change system handling of userid for sssd, you would then have to allow the same sort of policy for other services such as email and news. Userids could be used also in databases which could be then corrupted. Problems could be introduced also into the various logs. If, as is likely the case, you are not the only sysadmin on the system(s), you would also be creating problems for the other sysadmins, now and into the future. I think it would also be a disservice to users, for case-insensitive userids is not what they'll find on web sites and web services throughout the rest of the world, even on their own phones. So I'd agree, in this instance you should stay with the standard and explain to users that there ids are case sensitive.
On 9/6/2017 3:45 AM, ken wrote:> I think it would also be a disservice to users, for case-insensitive > userids is not what they'll find on web sites and web services > throughout the rest of the world, even on their own phones.I agree with you on other points, but beware of this one. I've discovered that game logins, notably Blizzard, are case-insensitive. It's quite frustrating. (I also hate websites that reject spaces in passwords.) Then there's sites that reject plus signs in email and use your email as your account name, which frustrates anti-spam measures and attempts to make your account name harder to guess by adding a "disposable" address tag (eg. shiva+centoslistexample at sewingwitch.com). Let savvy users make their credentials harder to guess.
Kenneth Porter wrote:> On 9/6/2017 3:45 AM, ken wrote: >> I think it would also be a disservice to users, for case-insensitive userids is not what they'll find on web sites and web services throughout the rest of the world, even on their own phones. > > I agree with you on other points, but beware of this one. I've discovered that game logins, notably Blizzard, are case-insensitive. It's quite frustrating. (I also hate websites that reject spaces in passwords.) Then there's sites that reject plus signs in email and use your email as your account name, which frustrates anti-spam measures and attempts to make your account name harder to guess by adding a "disposable" address tag (eg. shiva+centoslistexample at sewingwitch.com). > > Let savvy users make their credentials harder to guess.Plus signs in email addresses can have special meanings, depending on the configuration of the MTA (or MTAs in the path), so it makes sense to me to reject them. (I don?t remember what they were used for or I would provide a suitable link to the exim documentation ...) Another thing is that the admin should be able to specify which characters should be allowed/forbidden in file names. I really don?t understand why that isn?t possible; I consider it a requirement.