Username truncates at 20 characters when using AD
問題
Crowd, configured to sync with Microsoft Active Directory, truncates the username to 20 characters. This issue affects both Crowd and any applications with embedded Crowd (Jira, Confluence, etc).
診断
環境
- Microsoft Active Directory
原因
Crowd is configured to sync sAMAccountName for usernames. This is a feature of Active Directory; the sAMAccountName attribute can store only 20 characters to provide backwards compatibility with pre-2000 Windows Server logon names.
回避策
Configure Crowd to use a different attribute, for example CN, for usernames. The CN attribute up to 64 characters, versus the 20 allowed in the sAMAccountName.
Be aware that this configuration change will apply to all users on your AD. Trying this change on an staging environment before applying on production is advised.