All versions of Centrify DirectControl
Does Centrify support the usage of UTF-8 characters in AD passwords or hostnames?
UTF-8 (UCS Transformation Format — 8-bit) is a multibyte character encoding for Unicode.UTF-8 is also increasingly being used as the default character encoding in operating systems, programming languages, APIs, and software applications.
1) Currently we do not support the usage of UTF-8 characters in hostnames.
You will see the following message when you attempt to join a Centrify server with UTF-8 character in the hostname to AD.
In the below example, the name of the server is Ól27 where Ó is the UTF-8 character.
[root@Ól27 ~]# adjoin -u firstname.lastname@example.org yourcompany.com
Error: computer name must start with a letter or underscore, follow by a number, letter, _ or -
Development efforts are underway for supporting this capability in future releases.
2) We have done preliminary testing of UTF-8 in passwords in our lab and it has worked fine. Full support will be provided in future releases.
Cause : The Kerberos 1.4.3 libraries that manage hashing of passwords are incompatible with UTF-8 characters. We will migrate code from the Kerberos 1.9 libraries to enable this support.
Note: For the above to work, the terminal should support UTF-8. Gnome-based or other console based logins will not work.
For example: An Euro or UTF-8 char can be created by holding down the ALT key and enabling the num lockpad on the PC and typing 0211 will give you the UTF-8 character Ó and so on. This must be entering in the password field of the Centrify/AD account.
On a Putty terminal (to a unix box), you should change the setting under Windows -> Translation -> Received data assumed to be in which character set: choose "UTF-8" in the pull down. Attempt login.
For more information of UTF-8, please refer to the Wiki page link provided below as a courtesy.