On Fri, Jul 19, 2019 at 11:43:37AM -0500, Spike White wrote:
> All,
>
> In previous AD integration tools, the max host name length was customarily
> 15 chars. Because of ancient NETBIOS restrictions (16 char restrictions
> and netbios adds a '$' to the end of host name).
>
> That was like an AD 2003 restriction.
>
> With some slightly (well-documented) trickiness, in newer AD deployments
> those AD integration tools would allow up to an 18 char host name.
>
> I see in modern AD now, up to a 20 character name is tolerated (although
> recommendation is to retain the final '$'). So -- 19 char max.
>
> https://social.technet.microsoft.com/Forums/en-US/f2afb2ce-74fb-4434-932b-6b71c3654a98/ad-computer-names-over-15-characters?forum=winserverDS
>
>
> (However, that statement that 'common name' (max length 15) has to be
> unique in the OU is troubling. If you put all your Linux servers in the
> same OU, you're back to your 15 char limitation.)
>
> Apparently, in 2013 realm join and adcli allowed a15 char host name max.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1001667
>
> Is that still true today, max 15 char host name in realm join / adcli?
>
> Spike
A cursory look at adcli source code says it is:
241 »·······if (strlen (computer_name) > 15) {
242 »·······»·······computer_name[15] = 0;
243 »·······»·······_adcli_info ("Truncated computer account name from fqdn:
%s", computer_name);
244 »·······} else {
245 »·······»·······_adcli_info ("Calculated computer account name from fqdn:
%s", computer_name);
246 »·······}
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
