Invalid user names when creating an LDAP account

Posted by h1d on Server Fault
Published on 2009-11-30T04:21:52Z Indexed on 2010/04/24 7:04 UTC


I'm trying to set up a system where a visitor can enter any user name in a form to create a new user, and in the end it gets built on an LDAP directory. I'm planning for that to be mapped as a UNIX account as well (on Ubuntu Linux) by making the system look up system accounts on the LDAP. Doing so is fine, but I feel that many user names should be avoided, one of the obvious being 'root' and all the other user names taken for daemons etc.

How do you tackle this problem? Do you make up a list of disallowed user names by checking /etc/passwd? I was thinking that if, internally, the user names could be prepended with 'ldap_' or something, it would avoid any naming conflicts, but that seems hard when the LDAP entry name is 'joe' but the system account will look like 'ldap_joe'. I'm not even sure how that can be achieved.

© Server Fault or respective owner
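One way to implement the /etc/passwd check the question describes, as an added example that is not part of the original post. The syntax rule, the 32-character limit, the extra reserved list and the sample passwd contents are assumptions made for illustration.

```python
import re

# Assumed policy (not from the post): lowercase names only, at most 32 chars.
# Rejecting uppercase keeps "Root" from shadowing "root" where the directory
# compares names case-insensitively.
NAME_RE = re.compile(r"[a-z][a-z0-9_-]{0,31}")

# Constructed sample in /etc/passwd format; on a real host read /etc/passwd.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""

# Hypothetical extra names to block even when no local account exists.
EXTRA_RESERVED = {"admin", "administrator", "postmaster", "hostmaster"}


def local_names(passwd_text):
    """Return every login name in passwd-format text, skipping blanks/comments."""
    names = set()
    for line in passwd_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        names.add(line.split(":", 1)[0])
    return names


def check_username(candidate, passwd_text=SAMPLE_PASSWD):
    """Return (ok, reason) for a form-supplied name before it is written to LDAP."""
    # fullmatch, so a trailing newline or other suffix cannot slip through.
    if not NAME_RE.fullmatch(candidate):
        return False, "invalid syntax"
    if candidate in local_names(passwd_text):
        return False, "collides with a local account"
    if candidate in EXTRA_RESERVED:
        return False, "reserved name"
    return True, "ok"
```

The check has to run on every host that will resolve accounts from the directory, or against a merged list, because daemon accounts differ between machines and packages add new ones over time.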
