From 5cd609c27b4c539053a0b49df3fe9b18dd040fac Mon Sep 17 00:00:00 2001 From: Konrad Bucheli Date: Mon, 15 May 2023 13:58:43 +0200 Subject: [PATCH] typo --- admin-guide/architecture/active-directory.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin-guide/architecture/active-directory.md b/admin-guide/architecture/active-directory.md index aab50c51..8525b5c7 100644 --- a/admin-guide/architecture/active-directory.md +++ b/admin-guide/architecture/active-directory.md @@ -41,7 +41,7 @@ We perform the join password-less, by pre-creating the computer object using a script running on the Puppet master. As the AD only support [computer account aka NetBIOS names with maximum 15 characters](https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/naming-conventions-for-computer-domain-site-ou#netbios-computer-names) it shortens longer hostnames down to the first 15 characters. This is a bit unfortunate as this name has to be unique as it serves as primary identifier in the AD. -To work around this limitation we use a different NetBIOS name if the hostname is longer than 15 characters which is less prone to collisons ([inspiration](https://www.beyondtrust.com/docs/ad-bridge/how-to/delegate-domain-join-privileges/ad-naming-limitations.htm)). +To work around this limitation we use a different NetBIOS name if the hostname is longer than 15 characters which is less prone to collisions ([inspiration](https://www.beyondtrust.com/docs/ad-bridge/how-to/delegate-domain-join-privileges/ad-naming-limitations.htm)). The actual NetBIOS name we use for these hosts is the first 7 characters of the name, then a `-` followed by the last 7 characters of the SHA256 hash of the fully qualified domain name. To check the NetBIOS name of a given host run