Re: complex characters in UID attribute

[Marc Patermann <hans.moser@ofd-z.niedersachsen.de>]

Vinay,

Vinay Kalkoti schrieb am 23.02.2011 11:39 Uhr:
> On Wed, Feb 23, 2011 at 2:37 PM, Marc Patermann
> <hans.moser@ofd-z.niedersachsen.de> wrote:
> > Vinay Kalkoti schrieb am 23.02.2011 09:10 Uhr:
> >
> > > I wanted to know what all complex characters can be included for an
> > > UID attribute.
> > >
> > > I have the following user names (uid).
> > >
> > > Please let me know which which of the following uid's are invalid -
> > >
> > > test_user: IT (LOC)
> > > sup_12$
> > > test_user:IT(LOC)
> > > test_user-IT
> > > test_user IT
> > > test_user:IT
> > > test_user(IT)
> > > test_user.IT
> > > test_user/IT
> > > test_user/IT
> > > test_user#IT
> > > test_user*IT
> > > test_user@IT
> > IMHO from the ldap point of view this is all totally valid. As long as it is
> > encoded in UTF-8.
> > According to this
> > http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/attribute/uid.html
> > the syntax of uid is Directory String which does not limit you either.
> >
> > Your application using uid may or may not have stricter rules than that...
> But, the user account with "test_user:IT" is not able to login. I have
> setup an OpenLDAP server and am using OpenLDAP client on SLES
> machines.
>
> SSH or "su - test_user:IT" fails. I see the following logs in
> /var/log/messages file.
"Your application using uid" here is "sshd", check there.


Marc