Announcement

Collapse
No announcement yet.

How to remove Mandantory requirement for - User Logon Name (pre-Windows 2000)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to remove Mandantory requirement for - User Logon Name (pre-Windows 2000)

    Ok, I'm enjoying asking the really ugly left field questions here, and since I'm doing such a good job at it, I thought i would ask another one.

    When you create an account in AD, you realise that both logon and logon pre-2000 fields are mandatory. However due to the nature of the AD environment we are setting up, and the heavy use of UPN, we are finding this field gets in the way, especially with its 20 character limit.

    Is there any way to remove the mandantory requirement for this field, or failing that increase the character limit on this field?


    Thx in advance!

  • #2
    Re: How to remove Mandantory requirement for - User Logon Name (pre-Windows 2000)

    Does it not truncate automatically?
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: How to remove Mandantory requirement for - User Logon Name (pre-Windows 2000)

      Hi,

      I think it is mandatory to use a samAccountName (the user attribute in question).
      Also,
      you canít specify in Active Directory a samAccountName with more than 20 characters. The schema definition (256 chars) is overruled by the SAM rules (20 chars).
      http://social.technet.microsoft.com/...-30755450a5f1/

      Can you be a bit more specific as to why it's getting in the way? Would a compromise sort it?
      Caesar's cipher - 3

      ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

      SFX JNRS FC U6 MNGR

      Comment


      • #4
        Re: How to remove Mandantory requirement for - User Logon Name (pre-Windows 2000)

        Originally posted by L4ndy View Post
        Can you be a bit more specific as to why it's getting in the way? Would a compromise sort it?
        Sorry weekend came around quicker that I expected and totally forgot to update this.

        Due to the fact that the AD installation i'm deploying is for a web hosting company, it gets very tricky. The problem arises where every customer will have a UPN created for their domain. So we could essentially have:


        Thats easy enough to, because the "John" part of the username only have to be unique to that UPN, not to the whole of the directory. Now when it comes to creating the Pre-Windows 2000 Logon name, that name must be unique to all of the domain. So we were thinking of doing john_%customerID% or something of the sort. But then the problem arises where the one customer has multiple domains. How do we ensure we have a unique pre-w2k username and still try and have some relevancy to who they are, all within the 20 character limit. Otherwise would would do something like john_%CustomerID%_%domainname% (%DomainName% could also be a abbreveation), but we cant get all that in the 20 char limit.

        Hence why i was asking if there was a way to remove the requirement for that pre-w2k logon name.

        Hopefully this makes sense, if it doesnt let me know how i can elaborate more. The thing that has caught me out with this AD design is that its very unlike deploying within a corporate organisation, instead your creating accounts for customers of many many different companies, not employees of the one company.

        Comment


        • #5
          Re: How to remove Mandantory requirement for - User Logon Name (pre-Windows 2000)

          In that case I think a compromise would probably be your best bet.
          You can use the %CustomerId% as a samAccountname and then use another attribute to store the domain membership info such as the Description attribute.

          Ta
          Caesar's cipher - 3

          ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

          SFX JNRS FC U6 MNGR

          Comment

          Working...
          X