We're using OS Authentication and the domain accounts use the following username structure: <firstname>.<lastname>, eg my user is eric.maddocks on the domain. When logging in OA doesn't complain or advise that this will cause issues. Even when creating users locally and including a period '.' in the username it allows you to do so. If you then try to configure user settings it breaks as the username is used for the internal DP (_usr_<username>) and '.' is not a valid character to use in DP names.
I couldn't see anything in the documentation to warn developers about this. If this warning is not in the documentation please add it, if this check could be done in OA and prevent the creation of invalid usernames that would be even better!
Username restrictions
- hpuchegger
- Posts:86
- Joined: Fri Oct 08, 2021 10:38 am
Re: Username restrictions
Dear emaddocks,
thank you very much for pointing out the documentation deficiencies. We will extend this restriction and the exact definition of a user's name conversion in our documentation.
Best regards,
Herbert Puchegger
thank you very much for pointing out the documentation deficiencies. We will extend this restriction and the exact definition of a user's name conversion in our documentation.
Best regards,
Herbert Puchegger
- buec
- Posts:28
- Joined: Tue Dec 07, 2010 3:09 pm
Re: Username restrictions
From my point of view, a '.' must be allowed in the user name. This is very common in ActiveDirectory environments. I see the problem more in the fact that the user settings derive the DP from the user name and not e.g. the user id.
Best regards
Christoph
Best regards
Christoph
- hpuchegger
- Posts:86
- Joined: Fri Oct 08, 2021 10:38 am
Re: Username restrictions
You are right. this will be forwarded as bug as the product must support every character that is possible to use in an external system, typically in an AD.
Best regards,
Herbert
Best regards,
Herbert
- emaddocks
- Posts:83
- Joined: Tue Sep 04, 2018 12:50 am
Re: Username restrictions
Hi Herbert,
Would this be considered a high priority bug? Just wanting to gauge how long we have to wait before a patch is released. Unfortunately we already have a production system connected to a domain with such usernames so in the meantime we will have to implement a temporary work around to accommodate these broken user settings.
Cheers
Eric
Would this be considered a high priority bug? Just wanting to gauge how long we have to wait before a patch is released. Unfortunately we already have a production system connected to a domain with such usernames so in the meantime we will have to implement a temporary work around to accommodate these broken user settings.
Cheers
Eric
- emaddocks
- Posts:83
- Joined: Tue Sep 04, 2018 12:50 am
Re: Username restrictions
Hi Herbert,
I've noticed this bug fix in the latest patch of 3.18, Patch 19:
Is this a temporary bug fix to prevent invalid characters being used or is this ETMs final solution to this issue?
Cheers
Eric
I've noticed this bug fix in the latest patch of 3.18, Patch 19:
Code: Select all
165133/1-6340790731: OS-Auth Login does not check the username against
forbidden characters.Cheers
Eric
- hpuchegger
- Posts:86
- Joined: Fri Oct 08, 2021 10:38 am
Re: Username restrictions
Hello,
this was just a partial fix.
The login now checks if there are any forbidden characters in the username and lets you not create the user if that is the case.
OS-Auth Login does not check the username against forbidden characters.
If you would like this to be treated with high priority, you must create a service request on our portal. Then there is a greater chance that the problem will be solved more quickly:
https://support.industry.siemens.com/
Br, Herbert
this was just a partial fix.
The login now checks if there are any forbidden characters in the username and lets you not create the user if that is the case.
OS-Auth Login does not check the username against forbidden characters.
If you would like this to be treated with high priority, you must create a service request on our portal. Then there is a greater chance that the problem will be solved more quickly:
https://support.industry.siemens.com/
Br, Herbert