Long Usernames with Active Directory
When configuring Active Directory login on Sophos XG firewall you will have problems if the username is over 20 characters long. This is a limitation of the sAMAccountName field in AD. If you configure it as a LDAP authentication you can specify the userPrincipalName field for the username. This field doesn't have a character limitation. I would suggest an option when configuring Active Directory that we can choose to change the field used for login. This would work also in networks where there is more than one domain for authentication.
Then users could just type their full email (ex. username@domain.com) to login to the firewall.
