RSA Secure ID Username

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Anyone know if there's a limit on the number of characters you can
have in a usename?

We're using SecureID with ACE Servers.



Re: RSA Secure ID Username

Cliff Dabbs kirjoitti:
Quoted text here. Click to load it

I had serious problems with a nine letter username. The corporate IM
solved the problem by finding me an eight letter name. It probably had
something to do with the colour of Unix the ACE runs.

-- Lassi

Re: RSA Secure ID Username

Hi Cliff, Lassi:

The limitation on the length of the user name is not in the SecurID support
infrastructure. The database in the RSA Authentication Manager (aka
ACE/Server) accepts user names up to 48 characters in length.  In the real
world, however, any Unix boxes which hosts an RSA Authentication Agent --  
which proxy the authentication calls to the ACE/Server -- can impose its own
limitations on the length of the user names.

I'm not up to speed on all Unix flavors, but I presume most are probably now
capable of handling 16-character user names.  Some administrators, however,
choose to still restrict their systems to the old 8-character user names,
probably to remain compatible with NIS and other legacy name-handling
services and apps.

It doesn't really matter what sort of machine hosts the RAM or ACE/Server,
but it does matter where (and on what) the RSA Authentication Agents runs.
Other than providing a user ID used to run the ACE/Server executables, the
ACE/Server does not interact with OS user identities at all. A UNIX-hosted
ACE/Server is, for instance, perfectly happy managing Windows logon IDs.

It's the RSA Agent that extracts the user ID (uid #) from the operating
system and asks the system to provide the name of the user. The name
returned by some systems will be 8 characters.

(Actually, the RSA Agent will attempt to use the USER and LOGNAME
environment variables, in that order, which might contain a non-truncated
version of the user name -- but it will only use these options after
verifying they map to the same uid #.)

I've been a consultant to RSA for many years, but before you cite this stuff
in some formal context, you should consult your trusty Unix and RSA manuals,
or confirm the details with RSA Customer Support.  Hope this is helpful.



-------- in response to ----------------

Cliff Dabbs queried the newsgroup:

Quoted text here. Click to load it

Lassi Hippelšinen replied:

Quoted text here. Click to load it

Site Timeline