Radius module pad extra backslash to user password

Tran_Trong_Tan · March 21, 2018, 10:18am

Hi,
I got a strange problem when user can login via webUI but not via radius plugin. Both method authenticate against an AD backend. Find out that if the user’s password have a backslash \ the privacyidea will add an extra one to the password before send it to AD.
My PI version is 2.20.1.
Is it bug or I’ve messed somewhere else?

Thank you,
Tan

cornelinux · March 21, 2018, 2:39pm

This sounds like RADIUS!

Stop freeradius and then run freeradius in Debug mode via:

freeradius -X

You should see, how the password looks like.

Tran_Trong_Tan · March 22, 2018, 2:48am

Thank Cornel,
You’re right. It’s freeradius problem. I’m using freeradius 2.2.8+dfsg-0.1ubuntu0.1 shipped with Ubuntu 16.04.3.