Alexander Bokovoy via FreeIPA-users schreef op 10-10-2018 12:47:
>On ke, 10 loka 2018, Winfried de Heiden via FreeIPA-users wrote:
>>Hi all,
>>
>>The Red Hat manual is not too clear about this
(
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/...)
>>
>>IdM supports user names that can be described by the following
>>regular expression:
>>
>>[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?
>>Note
>>User names ending with the trailing dollar sign ($) are supported
>>to enable Samba 3.x machine support.
>>If you add a user whose user name contains uppercase characters,
>>IdM automatically converts the name to lowercase when saving it.
>>Therefore, IdM always requires users to enter their user names all
>>lowercase when logging in. Additionally, it is not possible to add
>>users whose user names only differ in letter casing, such as user
>>and User.
>>
>>Having co-workers from different countries using different
>>languages we want to avoid "strange" character from Cyrilic,
>>German, Hindoi etc. etc.
>>Reading the docs, it suggest only plain UTF ASCII is supported, no
>>"strange" characters. Correct? Or else: how to avoid/not allow
>>non standard ASCII usernames?
>ASCII, not UTF(-8). See a good presentation by Paul Gorman on the
>topic:
>https://paulgorman.org/technical/presentations/linux_username_conventions.pdf
>
>While we can store UTF-8 in 'uid' attribute in LDAP, POSIX systems are
>what practically limits us here.
OK, it's stored in UTF-8, which supports an awfull lot of
characters... But IPA seems to protect us:
ipa user-add --first="ßuper" --last="üser" ßuperüser
ipa: ERROR: invalid 'login': may only include letters, numbers, _, -,
. and $
As I said, POSIX systems are the limit, thus IPA limits you to have uid
as POSIX standard requires.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland