Well, its datatype is LONG so the max length with sign would be 11, but I don't recommend using the Session ID for anything too important. While it is a big integer, it's incremented sequentially, and once it hits its limit, it rolls over back to whatever IIS uses as a starting value. You could conceivably get duplicate values over time.
>What's the maximum length of a session ID generated by IIS ?
>I want to capture it and store it in a DBF as a char string.
>what field length should I allow for ?
"It is an important and popular fact that things are not always what they seem. For instance, on the planet Earth, man had always assumed that he was more intelligent than dolphins because he had achieved so much -- the wheel, New York, wars and so on -- whilst all the dolphins had ever done was muck about in the water having a good time. But conversely, the dolphins had always believed that they were far more intelligent than man -- for precisely the same reasons." - Douglas Adams