Valid characters for user IDs and passwords

Valid characters for user IDs and passwords

Character limitations apply to the WAS administrator, the database administrator, the LDAP server administrator, and user IDs. Database and LDAP servers can have more restrictive limitations than provided here. Installation failure can result from incorrectly defined user IDs and passwords. On the user information signup form do not enter characters that might not be supported, regardless of what characters we are able to enter on the form. We can specify other characters in the First Name and Last Name fields. If our company policy is more restrictive, we can provide that information to your users in the enrollment form help or as inline help directly on the form. WebSphere Application Server cannot create user IDs or passwords that contain spaces, although it fully supports any existing user IDs and passwords or those created in the user repository that contain spaces.
A valid user ID and password can contain the following characters:

Lowercase characters {a-z}
Uppercase characters {A-Z}
Numbers {0-9}
Exclamation point {!}
Open parenthesis {(}
Close parenthesis {)}
Dash {-}; not supported as the first character in the user ID or password
Period {.}; Not supported as the first character in the user ID or password
Question mark {?}
Open bracket {[}
Close bracket {]}
Underscore {_}; Only supported special character in IBM i
Grave accent {`}
Tilde {~}
Commercial at {@}, Not supported when creating the WAS administrator during installation.
Hash mark (or pound sign) {#}
Single {'} and double {"} quotation marks - Using both in a single ID is not supported.

These are all ASCII characters. Non-ASCII characters are not allowed for a username or password.
If we plan on using a non-ASCII based encoding, ensure the Java Virtual Machine has the correct generic arguments specific for the non-ASCII based encoding. For example, for UTF-8 encoding, the following two parameters should be added to the Java Virtual Machine generic arguments for WebSphere Portal: -Dfile.encoding=UTF-8 and -Dclient.encoding.override=UTF-8.

(Linux) Some tasks might require you to enter the fully qualified user ID. If our fully qualified user ID contains a space; for example:
cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com

...we must place the fully qualified user ID in the properties file or into a parent properties file instead of as a flag on the command line. For example, create a parent properties file called mysecurity.properties, enter the fully qualified user ID, and then run the task:
./ConfigEngine.sh task_name -DparentProperties=/opt/mysecurity.properties

(Windows) Some tasks may require you to enter the fully qualified user ID. If our fully qualified user ID contains a space; for example:
cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com

we must place quotes around the fully qualified user ID before running the task; for example,
"cn=wpsadmin,cn=users,l=SharedLDAP,c=US,ou=Lotus,o=Software Group,dc=ibm,dc=com"

The only supported characters in IBM i are lowercase characters, uppercase characters, numbers, and the underscore.
The following table contains a list of the required fields on the user information form and the supported characters.

User information Valid characters Unsupported characters
User ID

Lowercase characters {a-z}
Uppercase characters {A-Z}
Numbers {0-9}
Exclamation point {!}
Open parenthesis {(}
Close parenthesis {)}
Dash {-}; Not supported as the first character in the user ID or password
Period {.}; Not supported as the first character in the user ID or password
Question mark {?}
Open bracket {[}
Close bracket {]}
Underscore {_}; this is the only supported special character in IBM i
Grave accent {`}
Tilde {~}
Commercial at {@}, Not supported when creating the WAS administrator during installation.
Single {'} and double {"} quotation marks; Ensure that we are not using both the characters in a single user ID.

Only ASCII characters are allowed.

Other restrictions: The user ID cannot contain spaces; for example, user name.
(Windows) (Linux) (AIX) (Solaris) (iSeries) User IDs cannot be longer than 200 characters.

If we enter any unsupported characters during the installation, we will receive an error message that states which character is invalid. For example, "The special character [@] was found in the administrative user ID field. Enter the administrative user ID again."
You receive a different error message if we enter any unsupported characters when creating users through the Manage users and groups portlet.
Password / Confirm password

Lowercase characters {a-z}
Uppercase characters {A-Z}
Numbers {0-9}
Exclamation point {!}
Open parenthesis {(}
Close parenthesis {)}
Dash {-}; Not supported as the first character in the user ID or password
Period {.}; Not supported as the first character in the user ID or password
Question mark {?}
Open bracket {[}
Close bracket {]}
Underscore {_}; this is the only supported special character in IBM i
Grave accent {`}
Tilde {~}
Commercial at {@}, Not supported when creating the WAS administrator during installation.
Hash mark (or pound sign) {#}
Single {'} and double {"} quotation marks; Ensure that we are not using both the characters in a single user ID.

Diacritics, such as the umlaut, and DBCS characters are not allowed.

Other restrictions: The password cannot contain spaces; for example, pass word.
(Windows) (Linux) (AIX) (Solaris) (iSeries) Passwords cannot be longer than 128 characters.

Login or ConfigEngine tasks might fail if the password contains any unsupported characters, including DBCS characters. This action happens even if a user is successfully enrolled using a password containing DBCS characters.
If we enter any unsupported characters during the installation, we will receive an error message that states which character is invalid. For example, "The special character [@] was found in the password field. Enter the password again."

First Name All characters n/a
Last Name All characters n/a

The previous characters are true if the user.UNIQUEID.charset parameter is set to ascii. If set to unicode, the standard Java Letter definition is used and all characters that are recognized as letter or digit by Java are allowed by default. See the Puma Validation Service section in the Portal configuration services link for information about further parameters that can be modified to affect the behavior of Portal's validation of users, groups, and passwords.

User information	Valid characters	Unsupported characters
User ID	Lowercase characters {a-z} Uppercase characters {A-Z} Numbers {0-9} Exclamation point {!} Open parenthesis {(} Close parenthesis {)} Dash {-}; Not supported as the first character in the user ID or password Period {.}; Not supported as the first character in the user ID or password Question mark {?} Open bracket {[} Close bracket {]} Underscore {_}; this is the only supported special character in IBM i Grave accent {`} Tilde {~} Commercial at {@}, Not supported when creating the WAS administrator during installation. Single {'} and double {"} quotation marks; Ensure that we are not using both the characters in a single user ID.	Only ASCII characters are allowed. Other restrictions: The user ID cannot contain spaces; for example, user name. (Windows) (Linux) (AIX) (Solaris) (iSeries) User IDs cannot be longer than 200 characters. If we enter any unsupported characters during the installation, we will receive an error message that states which character is invalid. For example, "The special character [@] was found in the administrative user ID field. Enter the administrative user ID again." You receive a different error message if we enter any unsupported characters when creating users through the Manage users and groups portlet.
Password / Confirm password	Lowercase characters {a-z} Uppercase characters {A-Z} Numbers {0-9} Exclamation point {!} Open parenthesis {(} Close parenthesis {)} Dash {-}; Not supported as the first character in the user ID or password Period {.}; Not supported as the first character in the user ID or password Question mark {?} Open bracket {[} Close bracket {]} Underscore {_}; this is the only supported special character in IBM i Grave accent {`} Tilde {~} Commercial at {@}, Not supported when creating the WAS administrator during installation. Hash mark (or pound sign) {#} Single {'} and double {"} quotation marks; Ensure that we are not using both the characters in a single user ID.	Diacritics, such as the umlaut, and DBCS characters are not allowed. Other restrictions: The password cannot contain spaces; for example, pass word. (Windows) (Linux) (AIX) (Solaris) (iSeries) Passwords cannot be longer than 128 characters. Login or ConfigEngine tasks might fail if the password contains any unsupported characters, including DBCS characters. This action happens even if a user is successfully enrolled using a password containing DBCS characters. If we enter any unsupported characters during the installation, we will receive an error message that states which character is invalid. For example, "The special character [@] was found in the password field. Enter the password again."
First Name	All characters	n/a
Last Name	All characters	n/a