Skip to main content

KYDSO

Generation of the sAMAccountName for privileged accounts

When a new privileged account is created for an employee, the sAMAccountName is generated automatically. This has a maximum length of 20 characters.

When defining a privileged account type (e.g. administrator account), you must specify the associated rule for creating the sAMAccountName and can change this if necessary.

You can choose between two generation rules:

  • Variant 1: A combination of prefix and a unique number

  • Variant 2: A combination of prefix, first/last name and suffix

    With this variant, a maximum of nine persons with the same first and last name can currently be managed per privileged account type.

    If this variant is selected, the sAMAccountName is automatically updated if the option Change sAMAccountName on name change is activated. You can find the setting here: Generation of the sAMAccountName

To change the generation rule for the sAMAccountName:

  1. In the Change menu, click on the action Change sAMAccountName  generation rule .

    If this is not displayed in the menu, click on Other changes and select the action there.

    The asset list opens. For performance reasons, this is empty the first time it is opened after starting KYDSO.

  2. Search for the privileged account type.

    For example, enter the term privileged in the Article field and the name of the privileged account type in German (e.g. Administrator-Konto) in the Name field.

  3. Click on the corresponding details for the desired privileged account type.

    The current settings are displayed in the Information section.

  4. By clicking on Change generation rule sAMAccountName, you can change the variant or adjust the configuration of the current variant.

    The wizard for the selected action starts and guides you through the process.

Variant 1

Combination of prefix and a unique number

  • The prefix and the length of the unique number are mandatory for the generation of the sAMAccountName.

  • You must define the prefix yourself.

    The following characters are not allowed:

    "/ \ [ ] : ; | = , + * ? < >

  • The value 10 is preset by the system for the length of the unique number and can be changed by you.

  • Both values may be a maximum of 19 characters long.

  • Example: Admin141465249

Caution

Make sure that you do not exceed the permitted total length of 20 characters.

Variant 2

Combination of prefix, first/last name and suffix

  • The specification of a prefix or suffix is mandatory. It is possible to enter both types of information. The required separators to first name and surname must also be entered.

    Both values may be a maximum of 19 characters long. Make sure you leave enough characters for the first and last name.

    The following characters are not allowed:

    "/ \ [ ] : ; | = , + * ? < >

  • First name and last name are automatically added by the system and separated by a period.

    The names are normalized, i.e. all umlauts and accents are replaced (e.g. ä→a, é→e)

  • A counter from 1-9 is added for duplicates.

  • Examples: adm.heinz.mueller1, adm.heinz.mueller2, j.bergdorfholl-admin

Notice

If the permitted total length is exceeded, the system shortens the generated sAMAccountName as follows:

First, the first name is reduced to the first letter. If this is not sufficient, the last name is shortened by the number of characters that are still too many.

In this section: