User logons max'd at 20 character?

[Bachinat0r]

in active directory for the username there clearly shows 2 different logon fields. one just says logon and the other says logon (pre-windows2000). so how come if all the computers on my domain are windows 2000 or later, they are being forced to use the pre-windows 2000 logon? any suggestions would be greatly appreciated. this is becoming a pain for me as there are many people on my network that have long usernames since i am using lastnamefirstname for usernames.

 

[itsp1965]

The pre-Win2K userid is purely based on a proprietary scheme which limits userids to 20 chars (also it is by design for NTLM authentication). AD which is based on the X.500 directory protocol allows for logon using an FQDN of 255 chars (64 of which could be the userid). So when you logon your users to AD, they can logon as firstname.lastname@domain.com. Pre-Win2K IDs are designed for interoperability with older version of Windows like 9x and NT.

 

[Bachinat0r]

so how can i keep my usernames from getting cut off at 20 characters?

 

[itsp1965]

When creating the userid in AD users and computers, the User Logon name field can be firstname.lastname. The short version can be anything up to 20 chars. When the user logs on to the AD domain, they will use the name indicated in the User Logon name field first.lastname@domain.com (whatever your domain is). As I mentioned the pre-Win2K ID is for logging on to pre-Win2K operating systems such as NT, 9x.