achinayoung_wau
New Member.
318 views

PAM 3.2 and case sensitivity

Is there a reason PAM is case sensitive wrt user names? We set up user names in all uppercase in the Framework User Manager. When logging in with lowercase names, the user is authenticated but not authorized for any consoles so the PAM Framework Console doesn't show any logins. Furthermore, when trying to run something like "usrun shell" on a UNIX server for privileged shell access, unless the user's lowercase name is in a User Group, the command fails.

Why doesn't PAM just ignore the case of a user to avoid all of this?
0 Likes
1 Reply
Knowledge Partner
Knowledge Partner

Re: PAM 3.2 and case sensitivity

On 04/23/2019 08:56 AM, achinayoung waubonsee wrote:
>
> Is there a reason PAM is case sensitive wrt user names? We set up user
> names in all uppercase in the Framework User Manager. When logging in
> with lowercase names, the user is authenticated but not authorized for
> any consoles so the PAM Framework Console doesn't show any logins.
> Furthermore, when trying to run something like "usrun shell" on a UNIX
> server for privileged shell access, unless the user's lowercase name is
> in a User Group, the command fails.
>
> Why doesn't PAM just ignore the case of a user to avoid all of this?


Computers, in general, are case-sensitive; when you type 'A' it is
different from when type 'a' from the keyboard all the way through the OS
and applications; making computers treat characters otherwise requires
programming them explicitly to ignore case, often by forcing strings to
lower case and then comparing with other lower-case versions (if possible).

Especially with authentication data (usernames, passwords, etc.)
case-sensitivity is desired because it makes guessing others' credentials
harder. Unix/Linux, where PAM/PUM is usually used, also treats usernames
case-sensitively, so having the wrong case (usernames are usually all
lower case) means you literally have the wrong user.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.