Invalid characters for a username.

Discussion in 'Active Directory' started by akg414s, Jul 30, 2008.

  1. akg414s

    akg414s Guest

    I need a list of characters that can't be used for an Active Directory
    username.

    Thanks
     
    akg414s, Jul 30, 2008
    #1
    1. Advertisements

  2. Paul Bergson [MVP-DS], Jul 30, 2008
    #2
    1. Advertisements

  3. If you mean the "Pre-Windows 2000 logon name", the following are not
    allowed:

    [ ] : ; | = + ? < > * "

    I'm not aware of any characters that are not allowed in Common Names. The
    characters above are allowed. However, if any of the following are used they
    must be escaped with the backslash "\" escape character:

    , \ # + < > ; " =

    In addition if you use ADSI (in scripting for example) the forward slash,
    "/", must also be escaped with the backslash. For example, if the Common
    Name of a user is "Last, First", then in VBScript you would bind to the
    object with code similar to:

    Set objUser = GetObject("LDAP://cn=Last\, First,ou=West,dc=MyDomain,dc=com")

    Among the characters I have tested and found to be fine in Common Names (and
    elsewhere in Distinguished Names, such as the name of an OU):

    * ( ) . & - _ [ ] ` ~ | @ $ % ^ & ? : |
     
    Richard Mueller [MVP], Jul 30, 2008
    #3
  4. That's a good reference, although it applies mostly to computer objects. I
    need to add "\" and "/" to my list of characters not allowed in
    sAMAccountName's. However I retested and still am not able to create users
    with the charcters "[", "]", ";", "=", or "+" in the sAMAccountName. I have
    not tested computer or group objects.

    --
    Richard Mueller
    MVP Directory Services
    Hilltop Lab - http://www.rlmueller.net
     
    Richard Mueller [MVP], Jul 30, 2008
    #4
  5. Meinolf Weber, Jul 30, 2008
    #5
  6. Per your first reference, I need to add "," to my list of characters not
    allowed. Just to be clear, the characters "(" and ")" are allowed, they just
    enclose the list of invalid characters. I think the article meant to list /\
    instead of \\. Otherwise, the list is good, but omits the characters "[" and
    "]". I'm not able to use those. My list of characters not allowed in
    sAMAccountName's for users is now:

    [ ] : ; | = + ? < > * " / \ ,

    All are allowed in common names, although some must be escaped (with "\").
     
    Richard Mueller [MVP], Jul 30, 2008
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.