Active Directory - Validate Group SamAccountName

2012, Feb 21    

Did a lot of digging to find the details needed so that I can write a Reg Ex to validate an AD Group SamAccountName. ¬†Here’s what I got and I wanted to share …

(^[^. ""/\[]:|\+=;?*][^""/\[]:|\+=;?*]{1,63})(?(1)|[^.]$)

This translates to:

  • Not Starting with a period (.) or a space ( ).
    • This, by design, excludes strings consisting solely of all¬†periods (.) or spaces ( ).
  • Between 1 and 64 characters (inclusive) long.
  • Not including any of these characters:
    • “/[]:|<>+=;?*
  • Not ending in a period (.).

If you’re like me, you want justification:

I realize the page says 63 characters, but my testing shows 64 to be valid (Win2k8).