Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Full domain user name can be longer than 31 char(for trusted authentication) [CORE1593] #2014

Closed
firebird-automations opened this issue Nov 14, 2007 · 6 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: Nikolay Ponomarenko (pnv82)

so such user can't cretate metadata, and even execute simple
select current_user from rdb$database

and seems, that new versions of windows can allow even longer names, then <15 chars of netbios name>\<20 chars user name>

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/ru/library/ServerHelp/232d2aab-b33b-4bf7-9c8c-bb659bf6a35b.mspx?mfr=true
Учетная запись пользователя:
На компьютерах под управлением Windows Server 2003 и Windows 2000 в качестве учетной записи пользователя можно использовать основное
имя пользователя (UPN). На компьютерах с Windows NT версии 4.0 и более ранними версиями максимальный размер составляет 20 символов

Здесь вообще какая-то магическая цифра в 104

http://technet.microsoft.com/ru-ru/library/Bb726984.aspx
Rules for Logon Names
Logon names must follow these rules:
a.. Local logon names must be unique on a workstation and global logon names must be unique throughout a domain.
b.. Logon names can be up to 104 characters. However, it isn't practical to use logon names that are longer than 64 characters.
c.. A Microsoft Windows NT version 4.0 or earlier logon name is given to all accounts, which by default is set to the first 20
characters of the Windows 2000 logon name. The Windows NT version 4.0 or earlier logon name must be unique throughout a domain.

Commits: a80dd39

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

Looks like when I experimented with windows when doing trusted auth, I've lost an ability to count items in lines. Anyway - if they can exceed, the only safe thing we can do is disable logins of such users until mapping of OS objects to DB objects becomes implemented.
Nickolay, please - do not use russian in this tracker in the future. This is international tracker, and not everyone can read russian :-)

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 2.1 RC1 [ 10201 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

Workflow: jira [ 13411 ] => Firebird [ 14149 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

QA Status: No test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants