server 2003 minimum username length?

we usually do first initial and last name for usernames but we have an application that requires at least 6 characters for usernames and some people with short last names end up with active directory accounts that are too short.  so either we add a character or they have mismatching accounts and get confused.  

Is there a way to change it so AD will not accept a username shorter than 6 characters?
cymrichAsked:
Who is Participating?
 
PapertripConnect With a Mentor Commented:
Speaking from experience, managing separate user databases like your bosses are requesting will bite you in the butt eventually.  I guess it kinda already has...
0
 
PapertripCommented:
This isn't an exact answer to your question, but I'd like to ask a couple things from a logistics/scalability point of view.

For users who have let's say 3 letters in their username, how do you plan on filling in the other 3 characters?

How is the application doing authentication?  Does it have it's own user database or does it pull from AD?

If someone answers your specific question, cool, but whether or not your approach is scalable is another issue.  Just because you are able to do something doesn't mean you should ;)

0
 
Mike KlineCommented:
You would have to manipulate the samaccount attribute in the schema and would need a lot of testing.  Not something I've ever tried to do so I won't blow smoke on if it is possible.

I'd just use full first name/last name for those users.

Thanks

Mike
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Brian PiercePhotographerCommented:
There is nothing built in to windows to do this
0
 
cymrichAuthor Commented:
@Papertrip
Most of our users already have names that are 6 characters or longer... I am one of the few exceptions myself, but as an admin it's not confusing to me.  I would have to change my username before the limit change is made.  the application is using a sql database and the powers that be do not want any kind of passthrough authentication.  The request is being made so that when people other than me make accounts they don't accidentally make the AD account too short.  I told them that I was unaware of any way for the username minimum to be altered like that, but a remote admin guy said he had seen it done and that a way exists so I am investigating.  

@mkline71
for most users with short last names that is exactly what we usually do.  Basically they want to make sure that the accounts are created in a uniform manner so on and so forth...

@KCTS
That's what I thought but someone in the meeting I was in said it is possible so now I am tasked with finding out how.  


0
 
PapertripCommented:
Basically they want to make sure that the accounts are created in a uniform manner so on and so forth...
Yeah I figured, that is exactly why I posed those questions.

It is very possible that you will hire someone in the future who has a first+last name that is <6 characters, what will be the standard then?

I think the only viable solution to this is to hook the applications user authentication processes into AD, and stick with first initial + last as you have been.
0
 
Mike KlineCommented:
The other non native way that I know some people enforce rules is through user provisioning tools.  Quest makes one for example, there are others and some people write their own web pages.  Then when the help desk creates an account they use this other interface (not ADUC) and it enforces rules/policies.


Haven't done that where I am.

Thanks

Mike
0
 
cymrichAuthor Commented:
my own first and last names only have 4 letters each so we already made an exception to the rule for me... the powers that be never brought this up again so basically nothing ever happened and we still just add letters if their last name is too short
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.