Hello,
We have a linux machine with a hostname that is longer than 19
characters. AFAIK the SamAccountName attribute in AD is limited to at
most 20 characters (inkl. trailing $). I.e. the usable characters is at
most 19.
In many AD docs it is stated that a Windows hostname should not exceed
15 characters for backward compatibility, but we do not really care
about that.
Could you comment on how does SSSD pick the principal / username name to
use for kerberos / ldap authentication / reading the keytab / and so on
in the case of the hostname being longer than 19 characters?
I could not find anything in the docs of sssd-ad about this.
Will it use
1) UNRESTRICTED_VERY_LONG_HOSTNAME$
2) 19_CHARACTERS_HOSTNAME$
3) 15_CHAR_HOSTNAME$
?
Thanks for clarifying. It will help us deciding on how to proceed with
hosts with long host names.
Best regards,
J Brauchle
Attachments:
- smime.p7s
(application/pkcs7-signature — 4.8 KB)