Keutel, Jochen (mlists) wrote:
Hello, the ":" is a special character for Unix. (E.g. it's the column delimiter in /etc/passwd and friends.) So Unix forbids the usage of ":" in user names.
POSIX defines (http://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_...):
To be portable across systems conforming to IEEE Std 1003.1-2001, the value is composed of characters from the portable filename character set.
This portable character set is defined as (http://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_...):
The set of characters from which portable filenames are constructed.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 . _ -
The last three characters are the period, underscore, and hyphen characters, respectively.
So LDAP allows ":" in uid (because it has DirectoryString syntax) but the application (Unix/POSIX) forbids it.
Additionally if using SSH logins one should stick to lower-case chars.
Ciao, Michael.
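The check described in the message above, written out as an added example (not code from the thread or from any project it discusses): it tests LDAP `uid` values against the POSIX portable filename character set quoted there, and shows how a ":" changes the field count of a passwd-style line. The function names, the sample uids and the passwd field values are constructed for illustration.

```python
import string

# POSIX portable filename character set, as quoted in the message above.
PORTABLE_CHARS = frozenset(string.ascii_letters + string.digits + "._-")

# Constructed sample values; not taken from any real directory.
SAMPLE_UIDS = ["jdoe", "j:doe", "J.Doe", "jörg", "svc_backup-01"]


def check_uid(uid):
    """Return the reasons an LDAP uid is unsuitable as a Unix login name."""
    if not uid:
        return ["empty value"]
    problems = []
    if ":" in uid:
        problems.append("contains ':' (passwd field delimiter)")
    bad = sorted(set(uid) - PORTABLE_CHARS - {":"})
    if bad:
        problems.append("non-portable characters: " + " ".join(repr(c) for c in bad))
    if any(c.isupper() for c in uid):
        problems.append("upper-case letters (avoid for SSH logins)")
    return problems


def passwd_field_count(uid):
    """Count the fields a ':'-splitting parser sees with uid as the login name."""
    # Constructed entry in the usual 7-field layout:
    # name:passwd:uid:gid:gecos:home:shell
    line = ":".join([uid, "x", "10001", "10001", "", "/home/user", "/bin/sh"])
    return len(line.split(":"))


def audit(uids):
    """Map each rejected uid to its list of problems; accepted uids are omitted."""
    return {u: p for u in uids if (p := check_uid(u))}


if __name__ == "__main__":
    for uid, problems in audit(SAMPLE_UIDS).items():
        print(f"{uid!r}: {'; '.join(problems)} "
              f"(passwd fields: {passwd_field_count(uid)})")
```

Running such a check where entries are written to the directory, rather than on the Unix client, keeps values that LDAP's DirectoryString syntax accepts from reaching tools that parse colon-delimited account files.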