Naming restrictions for users ?

[DAXU]

Hello

Is there some documents on the naming restrictions for users? For
example, what is the valid character set for first name, surname,
middle name etc.

Someone know where to find the information?

Thanks

 

[Jorge de Almeida Pinto [MVP - DS]]

although it does not mention users, you will get the idea

MS-KBQ909264_Naming conventions in Active Directory for computers, domains,
sites, and OUs

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx

 

[DAXU]

Hi Jorge,

Thanks for your reply. Actually I read the page before but the thing is
naming conventions for computers, domains and OUs are different.
When coming to User names, which rule should I follow? I guess computer
or domain?

Thanks

 

[Jorge de Almeida Pinto [MVP - DS]]

computers....


the length of the user name (samaccountname) can be up to: 256
characters (definition in the schema)

to be sure of all characters try to create a user in a test env using
those characters

--


Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx

 

[Herb Martin]

"Jorge de Almeida Pinto [MVP - DS]"

computers....

I would never follow the "allowed" rules but use
much more restrictive guidelines:

Alphabetic first character, AlphaNumeric subsequent
Max 14 characters total*

Specifically no underscores, dots, leading numerics,
or anything else that is non-alphanumeric.

Doing this will never cause a problem, but doing
anything else will cause problems in some cases
(some of which may be obsolete now, but why take
the chance.)

I follow the same rules for ANYTHING that will ever
(possibly) become a NetBIOS or (part of a) DNS name,
so Domains, Workgroups, Computers.

There is no reason not to follow this for OUs but there
I might be willing to use Underscores or other characters.

I break the rule in one specific case regularly: Template
user is "_UserCategoryName" (e.g., _Engineer) but this
is due to the fact that such template users will never
actually be used on the network but only for copying to
create a new user.

*All NetBIOS names are actually 16 characters (always)
as the OS extends Computer, User, Domain etc. names
to 15 characters with spaces and then uses the 16
character to represent different services (like IP does
with ports). One would then naively think (I did) that
15 characters would be acceptable but there have been
weird cases (e.g., something in MS SQL Server) where
even 15 was too long. Thus the restriction to 14
characters.

 

[Herb Martin]

"Jorge de Almeida Pinto [MVP - DS]"

computers....

I would never follow the "allowed" rules but use
much more restrictive guidelines:

Alphabetic first character, AlphaNumeric subsequent
Max 14 characters total*

Specifically no underscores, dots, leading numerics,
or anything else that is non-alphanumeric.

Using non-English characters for national language
installations of Windows is considered acceptable
but there is a (strong) possibility that interoperation
with other windows versions will be probablematic.
(Not impossible, just irritatingly complicated.)

Doing this will never cause a problem, but doing
anything else will cause problems in some cases
(some of which may be obsolete now, but why take
the chance.)

I follow the same rules for ANYTHING that will ever
(possibly) become a NetBIOS or (part of a) DNS name,
so Domains, Workgroups, Computers.

There is no reason not to follow this for OUs but there
I might be willing to use Underscores or other characters.

I break the rule in one specific case regularly: Template
user is "_UserCategoryName" (e.g., _Engineer) but this
is due to the fact that such template users will never
actually be used on the network but only for copying to
create a new user.

*All NetBIOS names are actually 16 characters (always)
as the OS extends Computer, User, Domain etc. names
to 15 characters with spaces and then uses the 16
character to represent different services (like IP does
with ports). One would then naively think (I did) that
15 characters would be acceptable but there have been
weird cases (e.g., something in MS SQL Server) where
even 15 was too long. Thus the restriction to 14
characters.

 

[Mike Shepperd]

An interesting point related to this question is interoperability. A couple
years ago I ran into a case where Sharepoint wouldn't allow users with an
underscore in their name be added to the site. In that specific case I
found that Sharepoint was built referencing the RFC's for the web and AD was
built to a whole different set of standards (internal at MSFT and RFC's that
apply to the LDAP standard).

So, if you're looking to create usernames that don't follow common
conventions, be sure to test them against all applications you might need
them to integrate with before deploying to all users.

--
Mike Shepperd
Sunfire Solutions LLC
Seattle, WA

**********************************************************
"This posting is provided "AS IS" with no warranties, and confers no
rights."
**********************************************************
"Jorge de Almeida Pinto [MVP - DS]"
computers....


the length of the user name (samaccountname) can be up to: 256 characters
(definition in the schema)

to be sure of all characters try to create a user in a test env using those
characters

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx