Univention Bugzilla – Bug 34973
Issue a warning if the username is longer than 20 characters
Last modified: 2017-06-28 15:33:20 CEST
Windows 7 seems to have a bug causing logins of accounts with len(username) > 20 to fail with the error message Data area passed to a system call is too small https://bugzilla.samba.org/show_bug.cgi?id=7343#c17 Maybe we should issue a warning in UMC.
Actually the MS error message ID is ERROR_INSUFFICIENT_BUFFER.
Just for future reference: log.smbd also had a related message: =========================================================== [2014/05/26 15:14:42.747487, 10, pid=24534, effective(2627, 5088), real(2627, 0)] ../source3/smbd/ smb2_server.c:1894(smbd_smb2_request_dispatch) smbd_smb2_request_dispatch: opcode[SMB2_OP_GETINFO] mid = 17 [...] [2014/05/26 15:14:42.751003, 3, pid=24534, effective(2627, 5088), real(2627, 0)] ../source3/smbd/nttrans. c:1974(smbd_do_query_security_desc) smbd_do_query_security_desc: sd_size = 48. [2014/05/26 15:14:42.751052, 10, pid=24534, effective(2627, 5088), real(2627, 0)] ../source3/smbd/nttrans. c:1978(smbd_do_query_security_desc) smbd_do_query_security_desc for file windows-profiles/default.V2 [...] [2014/05/26 15:14:42.751515, 10, pid=24534, effective(2627, 5088), real(2627, 0)] ../source3/smbd/ smb2_server.c:2643(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_BUFFER_TOO_SMALL] | +info| at ../source3/smbd/ smb2_getinfo.c:170 [2014/05/26 15:14:42.751563, 10, pid=24534, effective(2627, 5088), real(2627, 0)] ../source3/smbd/ smb2_server.c:2544(smbd_smb2_request_done_ex) smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_BUFFER_TOO_SMALL] body[8] dyn[yes:4] at ../source3/ smbd/smb2_server.c:2682 =========================================================== This comes from source3/smbd/nttrans.c:smbd_do_query_security_desc =========================================================== if (max_data_count < *psd_size) { TALLOC_FREE(frame); return NT_STATUS_BUFFER_TOO_SMALL; } ===========================================================
There you go: samaccountname is limited to 20 characters. The AD even disallows ldapmodifying it to a longer string. http://msdn.microsoft.com/en-us/library/ms679635%28v=vs.85%29.aspx When creating a user in W2K8R2 AD with a longer name, the principalname is allowed to be the long version but the samaccountname is restricted. Logon at the windows 7 client is only possible with the short version.
The Enterprise Customer affected flag is set but neither a Ticket number is referenced nor a Customer ID is set. Please set a Ticket number or a Customer ID. Otherwise the Enterprise Customer affected flag will be reset.
Customer uses his own Ticket system.
r 80373 univention-management-console-module-udm (7.0.10-7) * Bug #34973: Show a warning if a user name has more than 20 characters YAML: r 80380 --- The warning is shown as a tooltip directly on the user name input field and as a notification when the user is saved.
REOPEN: The sentence """ <b>Warning:</b> The user name{username} is longer than {length} characters.<br>A login on Windows clients is not possible with a user name that has more than {length} characters. """ contains duplicated phrases. Better is something like: <b>Warning:</b> The username is longer than {length} characters which makes login on Windows clients impossible. Please consider shorten the username. There is no HTML escaping, if I e.g. enter a username like <b>Foo. I don't think it's necessary to mention the username at all. Please move the new block """ } else if (success) { + // show a warning notification if a user is saved """ into an own function/method. The for loop can only be executed in moduleFlavor === 'users/user' (early exit). The for loop can be done with array.forEach() or tools.forIn()! For me the following line looks like a memory leak: + this.usernameMaxLengthChecker = new UsernameMaxLengthChecker({textBoxWidget: widgets.username}); → this.own(this.usernameMaxLengthChecker) is missing?! YAML: "Show a warning" → "A warning is now shown"
(In reply to Florian Best from comment #7) > REOPEN: > The sentence """ > <b>Warning:</b> The user name{username} is longer than {length} > characters.<br>A login on Windows clients is not possible with a user name > that has more than {length} characters. > """ contains duplicated phrases. > Better is something like: > <b>Warning:</b> The username is longer than {length} characters which makes > login on Windows clients impossible. Please consider shorten the username. > > There is no HTML escaping, if I e.g. enter a username like <b>Foo. I don't > think it's necessary to mention the username at all. > > Please move the new block """ > } else if (success) { > + // show a warning notification if a user is saved > """ into an own function/method. > > The for loop can only be executed in moduleFlavor === 'users/user' (early > exit). > The for loop can be done with array.forEach() or tools.forIn()! r 80396 univention-management-console-module-udm (7.0.10-8) * Bug #34973: Improve wording of warning message for long user names ----- > YAML: "Show a warning" → "A warning is now shown" r 80397 ----- > For me the following line looks like a memory leak: > + this.usernameMaxLengthChecker = new > UsernameMaxLengthChecker({textBoxWidget: widgets.username}); > > → this.own(this.usernameMaxLengthChecker) is missing?! I don't think this is a memory leak. TextBoxMaxLengthChecker and in turn UsernameMaxLengthChecker does not inherit from _WidgetBase and does not get added to the dijit.registry. If the DetailPage is destroyed the UsernameMaxLengthChecker instance should get garbage collected since there is no longer a reference to it.
OK: Code-Review OK: the message/notification is shown in the detail page, in the wizard and after modifying the username OK: YAML
<http://errata.software-univention.de/ucs/4.2/75.html>