Re: Invalid characters for WTSQuerySessionInformation?
- From: "Ivan Brugiolo [MSFT]" <ivanbrug@xxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 17 May 2007 09:37:44 -0700
The ANSI version calls RtlUnicodeToMultiByteN to perform the charcter
conversion,
that behaves differently than MutliByteToWideChar.
That clarified, what's the right code-page to use is an unsolved problem:
should the API be using the code-page of the server, or of the client ?
The one of the current locale selected for the thread ?
Calling MultiByteToWideChar gives you the control you expect.
The problem of valid user names depends on the authentication authority
that is being used to validate them. Certain Authentication authorities
accept different charcters and have different restrictions.
What do you expect if you use local credentials (local to the `connect-to`
server)
when you TS into a domain-joined machine ?
You can use ADSI / DS to validate user-names.
--
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Norman Diamond" <ndiamond@xxxxxxxxxxxxxxxx> wrote in message
news:%23EBjM3GmHHA.1340@xxxxxxxxxxxxxxxxxxxxxxx
Thank you for your response.
I have discovered that Windows XP properly prevents characters such as '\'
and '/' from being used in a username.
Characters such as '$' and '@' are problematic, for the reasons that we
have discussed. But Windows XP permits these characters to be used in a
username. The result is undesirable.
A tester blamed my code because of the effect of a username that had '@'
in it. My code didn't check for things like that. My code doesn't create
users, it only gets executed by users. I don't even create folders that
are named for their username. But some APIs returned undesirable results.
In order to satisfy testers, I have to add some checks in my code. If the
username includes a '@' then I have to pop up a message box saying "Sorry,
this program won't work because your username contains '@'."
Please, what other characters do I have to check for?
(By the way this is with the Unicode version WTSQuerySessionInformationW.
As mentioned, WTSQuerySessionInformationA fails with quite a lot of
characters, so I already made a workaround using
WTSQuerySessionInformationW and WideCharToMultiByte.)
"Ivan Brugiolo [MSFT]" <ivanbrug@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:OVS8x6FmHHA.596@xxxxxxxxxxxxxxxxxxxxxxx
Characters that allows for ambiguity between the `NTLM` fully
qualified names and the SPN-styles names, and the separators of those.
For example, the $ at the end of a name is normally reserved for
the machine domain account (assuming a Kerberos based environment).
`@` separates a name from it's domain.
The `\` is used for NTLM domain, and the `/` can be used
for explicitily registered principal names.
There are a few other restrictions for the last 2 characters of a NTLM
name,
caused by the Browser Service implementation in the NTLM days,
and all the compatibilty issues from that onward.
--
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Norman Diamond" <ndiamond@xxxxxxxxxxxxxxxx> wrote in message
news:%234nXUzBmHHA.3952@xxxxxxxxxxxxxxxxxxxxxxx
Windows XP, probably SP2.
We have been told that in some foreign versions of Windows XP, the
Unicode version of WTSQuerySessionInformationW is failing to retrieve a
username if the name includes an at sign "@".
I am thinking of preparing a test to find which characters
WTSQuerySessionInformationW can't deal with. Intuitively I feel that
Unicode characters "$", backslash, forward slash, quotation mark, and a
few others might also be troublesome. But first I tried to find if
there's any documentation on such restrictions, and couldn't find any.
Also intuitively I think there are probably other APIs that need testing
too. We've already abandoned use of WTSQuerySessionInformationA,
instead calling WTSQuerySessionInformationW and WideCharToMultiByte
instead. (I attempted to describe that workaround twice in postings
that have been censored from this newsgroup.) Does anyone know what
characters are troublesome for any APIs, whether ANSI or Unicode, that
deal with usernames?
.
- Follow-Ups:
- Re: Invalid characters for WTSQuerySessionInformation?
- From: Norman Diamond
- Re: Invalid characters for WTSQuerySessionInformation?
- From: Norman Diamond
- Re: Invalid characters for WTSQuerySessionInformation?
- References:
- Invalid characters for WTSQuerySessionInformation?
- From: Norman Diamond
- Re: Invalid characters for WTSQuerySessionInformation?
- From: Ivan Brugiolo [MSFT]
- Re: Invalid characters for WTSQuerySessionInformation?
- From: Norman Diamond
- Invalid characters for WTSQuerySessionInformation?
- Prev by Date: Re: Getting process id from process handle
- Next by Date: Re: How to enumerate wow6432node fr a 32 bit process without looping infintely
- Previous by thread: Re: Invalid characters for WTSQuerySessionInformation?
- Next by thread: Re: Invalid characters for WTSQuerySessionInformation?
- Index(es):
Relevant Pages
|
