Showing results for 
Search instead for 
Do you mean 
Reply
Occasional Contributor
marsgur
Posts: 4
Registered: ‎08-15-2011

Hostname length limit

Hello,

 

I'm wondering if there is a limit on number of characters that a hostname can have when joining 2008 AD domain?

 

Basically what I'm seeing is that I cannot join hosts such as this sequentially:

 

Lets say this host - prod-useast1-xxxxxapache1 - joins fine with adjoin -w blah blah:

 

prod-useast1-xxxxxapache1

 

Next host barfs with the following error when trying to join:

 

prod-useast1-xxxxxmobilegw1

 

[root@prod-useast1-xxxxxmobilegw1 ~]# adjoin -w -u xxx xxxxxx.lan
Using LDAP to create computer name larger than 15 characters.
This requires Windows Administrator privileges.
Try -N option if you cannot use an Administrator account.

xxx's Active Directory password:
Using writable domain controller: xxxxx-ad5.xxxxxx.lan

Error: There was another computer with same name ('CN=prod-useast1-xxxxxapache1,CN=Computers,DC=Paydiant,DC=LAN') previously joined to a zone in
this forest. To overwrite the existing computer data, please use the
--force option to adjoin.
Note that, you may need Domain Administrator privileges in order to overwrite the current configuration.

Join to domain 'xxxxxx.lan', zone 'Auto Zone' failed.

 

Is there a solution to this?

 

Some additional info:

 

AD shows the machines in "Computers":

 

pre-Windows 2000 name: prod-useast1-xx

 

 

Please use plain text.
Centrify
daniel
Posts: 223
Registered: ‎06-30-2010

Re: Hostname length limit

Hi,

 

Microsoft has 15-character limit on the host name length, here is the KB: http://support.microsoft.com/kb/909264. Based on our tests, we could extend the hostname limit to 19 characters, beyond which it fails when the machine attempts to do a password bind to AD.

 

We recommend that you use 15 chars or less.  You can do a man page on adjoin and check -N option for more information.

 

 

-Daniel

 

Please use plain text.
Occasional Contributor
marsgur
Posts: 4
Registered: ‎08-15-2011

Re: Hostname length limit

Hello Daniel,

 

Thanks for the tip.

 

Is there a workaround though? Centirfy mentions something about LDAP storage of the hostnames above 19characters in this document:

 

http://www.cerberis.com/images/produits/techFiles/Centrify-DirectControl-Configuration-Parameters-Re...

 

Page 196

 

I find it hard to believe that your clients listed here http://www.centrify.com/customers/overview.asp

all adhere to the15 character limit for the hostnames.  How do they solve this issue?

 

Thanks!

Regards,

AG

Please use plain text.
Centrify
daniel
Posts: 223
Registered: ‎06-30-2010

Re: Hostname length limit

If you do not want to change the hostname on the linux machine, what you can do is run the adjoin with -n flag and provide a name < than 15 chars but use -a flag to provide the hostname ( ie., 15 or more chars ) 


Example:

Hostname: lonudr-flexapporacledb5
FQDN: lonudr-flexapporacledb5.contoso.local
AD domain: contoso.local
Zone: Linux

adjoin -n lonudr-flexapp5 -a lonudr-flexapporacledb5 -a lonudr-flexapporacledb5.contoso.local contoso.local

 

Hope this helps,

Please use plain text.
Occasional Contributor
marsgur
Posts: 4
Registered: ‎08-15-2011

Re: Hostname length limit

Thanks man. I guess we'll have to get creative with our naming scheme :)

 

Too bad Microsoft is not addressing this issue on their end by extending it somehow.

Please use plain text.