Marco Gaiarin
2019-Jan-09 16:00 UTC
[Samba] [Oddity] SAMAccountName and 20+ chars logins...
Reading here i've understod that for LDAP query it is better to use
SAMAccountName as 'login', but today i've found:
https://docs.microsoft.com/it-it/windows/desktop/ADSchema/a-samaccountname
so, 'SAMAccountName' is a compatibility field with NT mode, limited to
20 chars.
Someone here use 21 chars logins? ;-)
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia''
http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
L.P.H. van Belle
2019-Jan-09 16:12 UTC
[Samba] [Oddity] SAMAccountName and 20+ chars logins...
Hai Marco. Yes why not but that is because I dont use : Windows NT 4.0, Windows 95, Windows 98, and LAN Manager ;-) Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Marco Gaiarin via samba > Verzonden: woensdag 9 januari 2019 17:00 > Aan: samba at lists.samba.org > Onderwerp: [Samba] [Oddity] SAMAccountName and 20+ chars logins... > > > > Reading here i've understod that for LDAP query it is better to use > SAMAccountName as 'login', but today i've found: > > > https://docs.microsoft.com/it-it/windows/desktop/ADSchema/a-sa > maccountname > > so, 'SAMAccountName' is a compatibility field with NT mode, limited to > 20 chars. > > > Someone here use 21 chars logins? ;-) > > -- > dott. Marco Gaiarin GNUPG > Key ID: 240A3D66 > Associazione ``La Nostra Famiglia'' > http://www.lanostrafamiglia.it/ > Polo FVG - Via della Bontà, 7 - 33078 - San Vito al > Tagliamento (PN) > marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 > f +39-0434-842797 > > Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! > http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 > (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA) > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Marco Gaiarin
2019-Jan-09 17:40 UTC
[Samba] [Oddity] SAMAccountName and 20+ chars logins...
Mandi! L.P.H. van Belle via samba In chel di` si favelave...> Yes why not but that is because I dont use : Windows NT 4.0, Windows 95, Windows 98, and LAN Manager > ;-)?! Sorry i've not understood. But really also samba wiki suggest ldap queries using SAMAccountName... https://wiki.samba.org/index.php?title=Special%3ASearch&search=samaccountname&go=Go -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
L.P.H. van Belle
2019-Jan-10 07:26 UTC
[Samba] [Oddity] SAMAccountName and 20+ chars logins...
Hai Marco, What i did mean. You can have 255 chars in total with these limitation's Windows NT 4.0, Windows 95, Windows 98, and LAN Manager : 20 = sAMAccountName Windows 2000 and up : 256 chars = sAMAccountName at alias.domain.tld ( full distinguished name ) The SAM-Account-Name attribute (also known as the pre?Windows 2000 user logon name) is limited to 256 characters in the Active Directory schema. However, for backward compatibility the limit is 20 characters So only if you have very old systems and must use lower then 21 characters or you might hit problems. Newer systems can handle the 20+ chars without problem, but limited to 256. Now on the ldapsearch, use what you want to use, just choose something that is indexed if you need the speed search. But now tell use what is your goal with the ldapsearch, because you can use ldapsearch just as on a normal ldap server. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Marco Gaiarin via samba > Verzonden: woensdag 9 januari 2019 18:40 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] [Oddity] SAMAccountName and 20+ chars logins... > > Mandi! L.P.H. van Belle via samba > In chel di` si favelave... > > > Yes why not but that is because I dont use : Windows NT > 4.0, Windows 95, Windows 98, and LAN Manager > > ;-) > > ?! Sorry i've not understood. > > > But really also samba wiki suggest ldap queries using > SAMAccountName... > > > https://wiki.samba.org/index.php?title=Special%3ASearch&search > =samaccountname&go=Go > > -- > dott. Marco Gaiarin GNUPG > Key ID: 240A3D66 > Associazione ``La Nostra Famiglia'' > http://www.lanostrafamiglia.it/ > Polo FVG - Via della Bontà, 7 - 33078 - San Vito al > Tagliamento (PN) > marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 > f +39-0434-842797 > > Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! > http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 > (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA) > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >