A coworker juste demonstrated to me that accounts in our test AD was able to authenticate quand replacing chaque a character in leur samAccountName avec Danish character å (ASCII 134 / å).
E.g. le user <domain>\aaa can authenticate as ååå.
J'ai essayé reproducing this in a freshly provisioned W2K12R2 AD (single server, tous standard values), et it works there too. I created an account aaa (never touching le letter å in le process, so that nothing contains å) et ran:
PS C:\Users\Administrator> runas /user:ååå notepad
Enter the password for ååå:
Attempting to start notepad as user "DEV-DLI\ååå" ...
PS C:\Users\Administrator>
which caused notepad to start, running as aaa.
The même seems to hold true for o et Danish character ø, tandis que le dernier Danish special char æ does pas seem to correspond to tout autre character. With user aaa in AD, trying to créez un user avec samAccountName ååå will fail, informing you that The user logon name you have chosen is already in use (...).
J'ai googled like a madman, mais have been unable to find out what is going on. Does anyone have tout hints as to why this works?
