Re: [Freeipa-users] Cannot enter $ character in "group name" of "user groups"
On 15/02/2017 13:52, Alexander Bokovoy wrote: > On ke, 15 helmi 2017, Jens Timmerman wrote: >> Hi Martin, >> >> >> On 15/02/2017 12:27, Martin Basti wrote: >>> >>> >>> >>> On 15.02.2017 10:57, Dimitris Beletsiotis wrote: Hello, Despite the documentation that says that we can use $ in "group names" the web gui does not allow it, pls see attached. Is there some option to enable this? Thanks, Dimitris Beletsiotis >>> Hello, >>> >>> I checked the code and '$' can be used only as the last character in >>> group name, so error message is not quite exact >>> >>> PATTERN_GROUPUSER_NAME = >>> '^[a-zA-Z0-9_.][a-zA-Z0-9_.-]*[a-zA-Z0-9_.$-]?$' >> Since this is a pattern to be matched, the $ actually means something >> (it is an end of string anchor) and is not a literal '$' character. >> see >> http://www.regular-expressions.info/anchors.html > The third set of allowed characters at the end includes $. The set > [a-zA-Z0-9_.$-]? has '?' qualifier which means it is optional. But end > result is to allow '$' as the last character of a group or user name. > > However, '$' is not allowed anywhere else. This makes possible to have > machine or trusted domain accounts for Active Directory/Samba purposes > but nothing else with '$' sign in the name. > Oops, Indeed, I just noticed, read a bit too fast, sorry for the junk. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Cannot enter $ character in "group name" of "user groups"
On ke, 15 helmi 2017, Jens Timmerman wrote: Hi Martin, On 15/02/2017 12:27, Martin Basti wrote: On 15.02.2017 10:57, Dimitris Beletsiotis wrote: Hello, Despite the documentation that says that we can use $ in "group names" the web gui does not allow it, pls see attached. Is there some option to enable this? Thanks, Dimitris Beletsiotis Hello, I checked the code and '$' can be used only as the last character in group name, so error message is not quite exact PATTERN_GROUPUSER_NAME = '^[a-zA-Z0-9_.][a-zA-Z0-9_.-]*[a-zA-Z0-9_.$-]?$' Since this is a pattern to be matched, the $ actually means something (it is an end of string anchor) and is not a literal '$' character. see http://www.regular-expressions.info/anchors.html The third set of allowed characters at the end includes $. The set [a-zA-Z0-9_.$-]? has '?' qualifier which means it is optional. But end result is to allow '$' as the last character of a group or user name. However, '$' is not allowed anywhere else. This makes possible to have machine or trusted domain accounts for Active Directory/Samba purposes but nothing else with '$' sign in the name. -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Cannot enter $ character in "group name" of "user groups"
Hi Martin, On 15/02/2017 12:27, Martin Basti wrote: > > > > On 15.02.2017 10:57, Dimitris Beletsiotis wrote: >> Hello, >> >> Despite the documentation that says that we can use $ in "group >> names" the web gui does not allow it, pls see attached. >> Is there some option to enable this? >> >> Thanks, >> Dimitris Beletsiotis >> >> > Hello, > > I checked the code and '$' can be used only as the last character in > group name, so error message is not quite exact > > PATTERN_GROUPUSER_NAME = '^[a-zA-Z0-9_.][a-zA-Z0-9_.-]*[a-zA-Z0-9_.$-]?$' Since this is a pattern to be matched, the $ actually means something (it is an end of string anchor) and is not a literal '$' character. see http://www.regular-expressions.info/anchors.html Regards, Jens Timmerman > > Martin^2 > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Cannot enter $ character in "group name" of "user groups"
On 02/15/2017 10:57 AM, Dimitris Beletsiotis wrote: Hello, Despite the documentation that says that we can use $ in "group names" the web gui does not allow it, pls see attached. Is there some option to enable this? Thanks, Dimitris Beletsiotis The IdM documentation states that dollar sign at the end of user/group name is due to Samba 3.x support[1]. I an yet to find a reason why $ is forbidden in all other positions. [1] https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/managing-users-life-cycle.html#username-format -- Martin^3 Babinsky -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Cannot enter $ character in "group name" of "user groups"
On 15.02.2017 10:57, Dimitris Beletsiotis wrote: Hello, Despite the documentation that says that we can use $ in "group names" the web gui does not allow it, pls see attached. Is there some option to enable this? Thanks, Dimitris Beletsiotis Hello, I checked the code and '$' can be used only as the last character in group name, so error message is not quite exact PATTERN_GROUPUSER_NAME = '^[a-zA-Z0-9_.][a-zA-Z0-9_.-]*[a-zA-Z0-9_.$-]?$' Martin^2 -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] Cannot enter $ character in "group name" of "user groups"
Hello, Despite the documentation that says that we can use $ in "group names" the web gui does not allow it, pls see attached. Is there some option to enable this? Thanks, Dimitris Beletsiotis -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project