diff options
| -rw-r--r-- | src/util/sss_krb5.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c index d461cf881..a3f066e8a 100644 --- a/src/util/sss_krb5.c +++ b/src/util/sss_krb5.c @@ -51,7 +51,13 @@ sss_krb5_get_primary(TALLOC_CTX *mem_ctx, *c = toupper(*c); } - primary = talloc_asprintf(mem_ctx, "%s$", shortname); + /* The samAccountName is recommended to be less than 20 characters. + * This is only for users and groups. For machine accounts, + * the real limit is caused by NetBIOS protocol. + * NetBIOS names are limited to 16 (15 + $) + * https://support.microsoft.com/en-us/help/163409/netbios-suffixes-16th-character-of-the-netbios-name + */ + primary = talloc_asprintf(mem_ctx, "%.15s$", shortname); talloc_free(shortname); return primary; } |