[CentOS] Replace NIS by Active Directory

Nico Kadel-Garcia nkadel at gmail.com
Fri Mar 18 16:24:55 UTC 2011


On Fri, Mar 18, 2011 at 11:19 AM, Alain Péan
<alain.pean at lpp.polytechnique.fr> wrote:
> Le 18/03/2011 16:07, Nico Kadel-Garcia a écrit :
>
> <snip>
> ... that the default maximum group or username is 8 characters,...
> <snip>
>
> It was the case with solaris, but fortunately not on Linux. I don't
> remember what is the maximum length, but I think it could be up to 128
> characters...
>
> Alain

Well, yes. Centrify reasonably says "are you sure about this????" when
you try to set such long names, and can even mangle the names into the
shorter structure for you. (I don't recommend this.)

The boobytraps arise when someone's login in Active Directory is, for
example, "NKadel", and you have your NIS/LDAP/whatever mapping think
that your home directory and username is "NKadel", but your old NIS
setup thought your login name was "nkadel".

This way lies mixed case support madness, which is why "just write a
shell script with ldapmodify" gets..... nastier than you might
realize.



More information about the CentOS mailing list