Windows Server 2008/R2: Change the maximum UserName length?
Is there any way to change the standard 20 character UserName maximum length restriction for local accounts?
(Server 2008 R2 to be specific)
Nope, it's fixed at 20. I believe this is for backward compatibility reasons. You can go bigger in Active Directory (except for the SAMAccountName field), but not locally.
You must be referring to the sam-accountname attribute. Logon names have to follow these rules:
Rules for Logon Names
Logon names must follow these rules:
Local logon names must be unique on a workstation and global logon names must be unique throughout a domain.
Logon names can be up to 104 characters. However, it isn't practical to use logon names that are longer than 64 characters.
A Microsoft Windows NT version 4.0 or earlier logon name is given to all accounts, which by default is set to the first 20 characters of the Windows 2000 logon name. The Windows NT version 4.0 or earlier logon name must be unique throughout a domain.
Users logging on to the domain from Windows 2000 computers can use their Windows 2000 logon name or their Windows NT version 4.0 or earlier logon name, regardless of the domain operations mode.
Note that the GUI only lets you create 20 char names, you would have to create them programatically to get past 20.
"Note that the GUI only lets you create 20 char names, you would have to create them programatically to get past 20."
I would say that that statement is incorrect. I cannot programmatically create usernames greater than twenty characters. Below is the relevant VB.NET code that I ran on Windows Server 2008 R2. It works for creating user names of twenty or fewer characters, but throws an exception if the username exceeds twenty characters. Try it yourself. Sincerely, Joseph Davoli
Code:
Imports System.DirectoryServices 'Gives us access to Directory Services.
Function Blah() As Whatever
Dim strFNMILN As String = "Christopher.B.Robinson" 'NOTE: Twenty-two characters. Dim strFullName as string = "Christopher B. Robinson"
'Declare a new "DirectoryEntry" object variable and assign to it the entry for 'this computer (the computer on which this code is running). Dim DirectoryEntryThisComputer As New DirectoryEntry("WinNT://" & Environment.MachineName & ",computer")
'Declare a new "DirectoryEntry" object variable and name it "DirectoryEntryNewUser". 'Create a new user in the local directory and assign that user to our object variable. Dim DirectoryEntryNewUser As DirectoryEntry = DirectoryEntryThisComputer.Children.Add(strFNMILN, "user")
'Add the fullname of this user. DirectoryEntryNewUser.Invoke("Put", New Object() {"fullname", strFullName })
'Add a description value. DirectoryEntryNewUser.Invoke("Put", New Object() {"description", "This is a test user."})
'Set the password for this new user (14 character minimum). DirectoryEntryNewUser.Invoke("SetPassword", New Object() {"abcdefg1234567"})
'Save this new user to the local directory (this machine's directory). DirectoryEntryNewUser.CommitChanges()
. . End Function