Thursday, January 26, 2012

The username is invalid. The account must be a valid domain account

Today while configuring a farm I stumbled across a weird error I have never seen before. Upon entering the credentials for our farm account and error message popped up stating: "The username is invalid. The account must be a valid domain account."

As part of our deployment we wanted to make our account names very descriptive of what they were used for. This policy led us to use a very descriptive and lengthy account name that was similar to SP2010_ServerFarmAccount. This seemed like a great idea at the time because it is very obvious what this account was used for. But as it turns out lengthy user names might be a bad idea in a Windows environment.

Those people out there who are Active Directory administrators might already know what is coming up as the root of this problem. It turns out that Active Directory will let you make very lengthy user names; unfortunately there is a second field that is kept around for legacy purposes that truncates the user name to 20 characters. So using domain\SP2010_ServerFarmAccount was not the proper thing to do because the account gets truncated for authentication purposes to domain\SP2010_ServerFarmAcc.

The solution to this problem is pretty easy. Login using either the legacy form domain\SP2010_ServerFarmAcc or if you prefer to use the whole user name you can use the more modern format SP2010_ServerFarmAccount@domain.fqdn.

1 comment:

Negi said...

Thanks for great information you write it very clean. I am very lucky to get this tips from you

On Site Shredding Services