Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- RSA Secure ID Username
- Cliff Dabbs
January 24, 2005, 8:53 am
rate this thread
- Lassi Hippel√§inen
January 24, 2005, 5:43 pm
Re: RSA Secure ID Username
The limitation on the length of the user name is not in the SecurID support
infrastructure. The database in the RSA Authentication Manager (aka
ACE/Server) accepts user names up to 48 characters in length. In the real
world, however, any Unix boxes which hosts an RSA Authentication Agent --
which proxy the authentication calls to the ACE/Server -- can impose its own
limitations on the length of the user names.
I'm not up to speed on all Unix flavors, but I presume most are probably now
capable of handling 16-character user names. Some administrators, however,
choose to still restrict their systems to the old 8-character user names,
probably to remain compatible with NIS and other legacy name-handling
services and apps.
It doesn't really matter what sort of machine hosts the RAM or ACE/Server,
but it does matter where (and on what) the RSA Authentication Agents runs.
Other than providing a user ID used to run the ACE/Server executables, the
ACE/Server does not interact with OS user identities at all. A UNIX-hosted
ACE/Server is, for instance, perfectly happy managing Windows logon IDs.
It's the RSA Agent that extracts the user ID (uid #) from the operating
system and asks the system to provide the name of the user. The name
returned by some systems will be 8 characters.
(Actually, the RSA Agent will attempt to use the USER and LOGNAME
environment variables, in that order, which might contain a non-truncated
version of the user name -- but it will only use these options after
verifying they map to the same uid #.)
I've been a consultant to RSA for many years, but before you cite this stuff
in some formal context, you should consult your trusty Unix and RSA manuals,
or confirm the details with RSA Customer Support. Hope this is helpful.
-------- in response to ----------------
Cliff Dabbs queried the newsgroup:
Lassi Hippelšinen replied:
- — Next thread in » General Computer Security
- » Mysterious app. tries to connect, no info found yet, any ideas?
- — Previous thread in » General Computer Security