shortnames with spaces in them

[chwebster]

Our AD usernames have spaces in them. When I log into a Windows machine, I enter “Craig Webster” as my user.

When I try to set up an OS 10.4 client with the AD plug-in, the Mac accepts my username “Craig Webster” at login, but then tries to build home folders based on this user and when I try to open any of them, I get a permissions error.

I tried to change one of the username fields in AD (AD seems to have several) to a name with no spaces, but leave another username field with the space. This way at login I use the name with the space, but my home directories and shortname do not have a space, and the homedirs work. However when I try to get authorization to an AFP 10.4 server, it tells me I have an incorrect user or password. I was able to connect to this same server before I messed with the usernames.

This is driving me crazy. How are other people dealing with this issue?

Craig

[chwebster]

I made the changes in the AD. The end goal is to be able to have users in one place only – and for us that one place is the AD. Those users already exist and people are already used to logging into Windows with their full names that have spaces in them. If we could make it work so they log in to Windows with a full name, and the Mac with a short name, that might be acceptable, as long as it’s still one AD user we’re working with.

When I create an AD user with no spaces in the username, I have everything working. That’s what makes me think I’m so close!

I’m not doing any managed preferences at this point, and I’m just using local home folders on the Mac.

Craig

[chwebster]

Their Exchange alias would work as a shortname. How would I static map that?

Just to clarify, though, I created a test user who did have one AD attribute with a field with a name with no spaces – and then logging into the AFP server broke.

Craig

[chwebster]

Ok, you have given me some hope. I was wondering what tool would help me find out what usernames the OS was using other than “id Craig Webster”.

I will have to read up on the man page for dscl to see how to use it however.

In addition (maybe I’m getting ahead of myself), once I see what OS X is using for the shortname, what is the next step? I feel like I am missing just a few pieces of the puzzle but not always sure which pieces, so I apologize if my questions are out there!

Craig

[chwebster]

Ok, took me a while to get around to looking at the man pages for dscl and dsconfigad. Unfortunately, I’m still lost as to how to proceed. Here is the dscl info – now what?:

test-Mac-G4-client:~ test five$ dscl /”Active Directory”/”All Domains”/ -read /Users/”test five”
accountExpires: 9223372036854775807
ADDomain: dataviz.com
badPasswordTime: 0
badPwdCount: 0
cn: test five
codePage: 0
countryCode: 0
displayName: test five
distinguishedName: CN=test five,CN=Users,DC=dataviz,DC=com
dn: CN=test five,CN=Users,DC=dataviz,DC=com
givenName: test
instanceType: 4
kerberosPrincipal: [email protected]
lastLogoff: 0
lastLogon: 127710288674378426
logonCount: 3
name: test five
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=dataviz,DC=com
objectClass: top person organizationalPerson user
objectSid: 01050000 00000005 15000000 68536340 bd692767 585dc85b 810a0000
primaryGroupID: 513
pwdLastSet: 127710278240967854
sAMAccountName: test five
sAMAccountType: 805306368
sn: five
userAccountControl: 512
userPrincipalName: [email protected]
uSNChanged: 4281623
uSNCreated: 4281619
whenChanged: 20050912194344.0Z
whenCreated: 20050912194344.0Z
AppleMetaNodeLocation: /Active Directory/dataviz.com
AuthenticationAuthority: 1.0;Kerberosv5;A29D1569-8A9F-4F99-AE71-FB3EEAA9601A;[email protected];DATAVIZ.COM;
FirstName: test
GeneratedUID: A29D1569-8A9F-4F99-AE71-FB3EEAA9601A
LastName: five
MCXFlags:
has_mcx_settings

MCXSettings:
mcx_application_data

com.apple.MCX

Forced


mcx_preference_settings

com.apple.cachedaccounts.CreateAtLogin

com.apple.cachedaccounts.WarnOnCreate

com.apple.dock

Forced


mcx_preference_settings

AppItems-Raw

DocItems-Raw

MCXDockSpecialFolders-Raw

AddDockMCXOriginalNetworkHomeFolder

contents-immutable

static-only


mcx_union_policy_keys


mcx_input_key_names

AppItems-Raw

mcx_output_key_name
static-apps
mcx_remove_duplicates


mcx_input_key_names

DocItems-Raw

mcx_output_key_name
static-others
mcx_remove_duplicates


mcx_input_key_names

MCXDockSpecialFolders-Raw

mcx_output_key_name
MCXDockSpecialFolders
mcx_remove_duplicates

loginwindow

Forced


mcx_preference_settings

AutoLaunchedApplicationDictionary-raw


AuthenticateAsLoginUserShortName
MCX-NetworkHomeDirectoryItem


DisableLoginItemsSuppression

LoginUserMayAddItems

mcx_union_policy_keys


mcx_input_key_names

AutoLaunchedApplicationDictionary-raw

mcx_output_key_name
AutoLaunchedApplicationDictionary-managed
mcx_remove_duplicates

NFSHomeDirectory: /Users/testfive
PasswordPlus: ********
PrimaryGroupID: 807021230
RealName: test five
RecordName: test five testfive [email protected] DATAVIZ\testfive DATAVIZ\test five test five
RecordType: dsRecTypeStandard:Users
SMBAccountFlags: 805306368
SMBGroupRID: 513
SMBLogoffTime: 0
SMBLogonTime: 127710288674378426
SMBPasswordLastSet: 127710278240967854
SMBPrimaryGroupSID: S-1-5-21-1080251240-1730636221-1539857752-513
SMBSID: S-1-5-21-1080251240-1730636221-1539857752-2689
UniqueID: 580719977
UserShell: /bin/bash
test-Mac-G4-client:~ test five$

[Author]

Posts