Re: Invalid characters for WTSQuerySessionInformation?
- From: "Norman Diamond" <ndiamond@xxxxxxxxxxxxxxxx>
- Date: Thu, 17 May 2007 19:25:57 +0900
Thank you for your response.
I have discovered that Windows XP properly prevents characters such as '\' and '/' from being used in a username.
Characters such as '$' and '@' are problematic, for the reasons that we have discussed. But Windows XP permits these characters to be used in a username. The result is undesirable.
A tester blamed my code because of the effect of a username that had '@' in it. My code didn't check for things like that. My code doesn't create users, it only gets executed by users. I don't even create folders that are named for their username. But some APIs returned undesirable results.
In order to satisfy testers, I have to add some checks in my code. If the username includes a '@' then I have to pop up a message box saying "Sorry, this program won't work because your username contains '@'."
Please, what other characters do I have to check for?
(By the way this is with the Unicode version WTSQuerySessionInformationW. As mentioned, WTSQuerySessionInformationA fails with quite a lot of characters, so I already made a workaround using WTSQuerySessionInformationW and WideCharToMultiByte.)
"Ivan Brugiolo [MSFT]" <ivanbrug@xxxxxxxxxxxxxxxxxxxx> wrote in message news:OVS8x6FmHHA.596@xxxxxxxxxxxxxxxxxxxxxxx
Characters that allows for ambiguity between the `NTLM` fully
qualified names and the SPN-styles names, and the separators of those.
For example, the $ at the end of a name is normally reserved for
the machine domain account (assuming a Kerberos based environment).
`@` separates a name from it's domain.
The `\` is used for NTLM domain, and the `/` can be used
for explicitily registered principal names.
There are a few other restrictions for the last 2 characters of a NTLM name,
caused by the Browser Service implementation in the NTLM days,
and all the compatibilty issues from that onward.
--
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Norman Diamond" <ndiamond@xxxxxxxxxxxxxxxx> wrote in message news:%234nXUzBmHHA.3952@xxxxxxxxxxxxxxxxxxxxxxxWindows XP, probably SP2.
We have been told that in some foreign versions of Windows XP, the Unicode version of WTSQuerySessionInformationW is failing to retrieve a username if the name includes an at sign "@".
I am thinking of preparing a test to find which characters WTSQuerySessionInformationW can't deal with. Intuitively I feel that Unicode characters "$", backslash, forward slash, quotation mark, and a few others might also be troublesome. But first I tried to find if there's any documentation on such restrictions, and couldn't find any.
Also intuitively I think there are probably other APIs that need testing too. We've already abandoned use of WTSQuerySessionInformationA, instead calling WTSQuerySessionInformationW and WideCharToMultiByte instead. (I attempted to describe that workaround twice in postings that have been censored from this newsgroup.) Does anyone know what characters are troublesome for any APIs, whether ANSI or Unicode, that deal with usernames?
.
- Follow-Ups:
- Re: Invalid characters for WTSQuerySessionInformation?
- From: Ivan Brugiolo [MSFT]
- Re: Invalid characters for WTSQuerySessionInformation?
- References:
- Invalid characters for WTSQuerySessionInformation?
- From: Norman Diamond
- Re: Invalid characters for WTSQuerySessionInformation?
- From: Ivan Brugiolo [MSFT]
- Invalid characters for WTSQuerySessionInformation?
- Prev by Date: Some bludger looking for help :)
- Next by Date: Re: Some bludger looking for help :)
- Previous by thread: Re: Invalid characters for WTSQuerySessionInformation?
- Next by thread: Re: Invalid characters for WTSQuerySessionInformation?
- Index(es):
Relevant Pages
|
Loading
