Issue Details (XML | Word | Printable)

Key: CORE-1593
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Alexander Peshkov
Reporter: Nikolay Ponomarenko
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Firebird Core

Full domain user name can be longer than 31 char(for trusted authentication)

Created: 14/Nov/07 09:07 AM   Updated: 18/Nov/08 01:49 PM
Component/s: None
Affects Version/s: 2.1 Beta 2
Fix Version/s: 2.1 RC1

Time Tracking:
Not Specified


 Description  « Hide
so such user can't cretate metadata, and even execute simple
select current_user from rdb$database

and seems, that new versions of windows can allow even longer names, then <15 chars of netbios name>\<20 chars user name>

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/ru/library/ServerHelp/232d2aab-b33b-4bf7-9c8c-bb659bf6a35b.mspx?mfr=true
Учетная запись пользователя:
На компьютерах под управлением Windows Server 2003 и Windows 2000 в качестве учетной записи пользователя можно использовать основное
имя пользователя (UPN). На компьютерах с Windows NT версии 4.0 и более ранними версиями максимальный размер составляет 20 символов
 
Здесь вообще какая-то магическая цифра в 104
 
http://technet.microsoft.com/ru-ru/library/Bb726984.aspx
Rules for Logon Names
Logon names must follow these rules:
  a.. Local logon names must be unique on a workstation and global logon names must be unique throughout a domain.
  b.. Logon names can be up to 104 characters. However, it isn't practical to use logon names that are longer than 64 characters.
  c.. A Microsoft Windows NT version 4.0 or earlier logon name is given to all accounts, which by default is set to the first 20
characters of the Windows 2000 logon name. The Windows NT version 4.0 or earlier logon name must be unique throughout a domain.

 All   Comments   Work Log   Change History   Version Control   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Alexander Peshkov added a comment - 15/Nov/07 07:59 AM
Looks like when I experimented with windows when doing trusted auth, I've lost an ability to count items in lines. Anyway - if they can exceed, the only safe thing we can do is disable logins of such users until mapping of OS objects to DB objects becomes implemented.
Nickolay, please - do not use russian in this tracker in the future. This is international tracker, and not everyone can read russian :-)