From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1 Description of problem: ipa-adduser test.me First name: Test Last name: Me Username is required and may only include letters and numbers RHEL/Fedora shadow utils will allow the creation and use of accounts that contain a . in the username, but this is not allowed in either the cli or webui for freeipa. Version-Release number of selected component (if applicable): ipa-admintools-1.1.0-4 How reproducible: Always Steps to Reproduce: 1.ipa-adduser test.me Actual Results: Account creation failed with the message: Username is required and may only include letters and numbers Expected Results: Account should have been created. Additional info:
The trick is going to be to find the lowest common denominator so that an IPA login can work on multiple operating systems. According to "Solaris 10: The Complete Reference" usernames are limited to 8 characters (though it doesn't say which characters). Other folks seem to believe there is no limit, some say it gets truncated at 8. No mention of character limitations.
I did a little poking on a Solaris 9 box I have. useradd seems to want the username to be all alphanumeric, '-', '_', or '.' with the first character an alpha and no longer than 8 characters. but it just spits out warnings. It will still add the user as requested. Perhaps we should do the same. Lighten up a bit and simply warn if we think something is going to cause problems.
This will use the same patch from bug 450613.
master: 110f60da8e8cbf2b83f66b4959857dc62b407f06
Fix Verified: [root@jennyv3 ~]# ipa-adduser test.me First name: Test Last name: Me test.me successfully added [root@jennyv3 ~]# ipa-finduser test.me First Name: Test Last Name: Me Home Directory: /home/test.me Login Shell: /bin/bash Login: test.me