Using Long Names in Solaris Implementations
Novell Cool Solutions: Tip
By Armand Lowe
Digg This -
Posted: 18 Feb 2004
Posted: 19 Feb 2004
If you've seen this Solaris error message:
Can't map enterpriseUserName to platformAssociation
It's because Users and Groups with names over 8 characters in length are not populated to Solaris by default.
NAM limits user and group names to 8 characters to prevent problems with Solaris -- but creating 300 aliases or renaming 300 accounts to 8 characters was not an option in my case. The /usr/local/ASAM/bin/PlatformServices/PlatformReceiver/scripts/platformverifyandmapname.sh script checks NAM eUser and eGroup names for valid characters [A-Z], [0-9], [_-.] and the proper minimum and maximum lengths required by Solaris. If this script determines that an eObject name is too long, it will not attempt to populate that object within the platform.
Edit the platformverifyandmapname.sh file. Change the variable that specifies the maximum length as 8 to something large enough for your usernames.
Change the line that says:
Run the Platform Receiver in FULLSYNC mode to add the new objects.
There are documented problems with long usernames with the same first 8 characters, but that is a much smaller issue.
Some sites mention some buffer overflow security issues when long usernames are used in Unix; that should be taken as calculated risk.
- Open the NAM302 Manager webpage.
- Navigate to Provisioning Details, and open the details of an eObject with a name that is over 8 characters in length.
- Click the "Platform Set Provisioning Details" link on the eObject Details page.
- The Platform Associations will be listed as "Not Associated" if they are not populated to the Solaris platform, but will be listed in lowercase letters if they are populated correctly.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com