I believe I have found a bug in that when I have a lot of users with similar enough naming that results in hash collisions, the collided users in the linked list are not always properly sorted. This results in a noop from the rlm_files module and authentication failure. I have tested 2.1.7 and a 3.1 pull from git. Since I'm unable to paste such a large users file, hopefully this TCL snippet, which you can redirect to a file, will suffice to generate the users file. #! /usr/bin/env tclsh set users [list] set pw "thisisatest" for {set i 8} {$i < 16} {incr i} { for {set j 0} {$j < 32768} {incr j} { lappend users "[format %016d [expr {$j + 1}]]@aaaaa${i}.com\tCleartext-Password := \"$pw\"" } } puts [join $users "\n"] In this file, there will be 6 users that cannot be authenticated and it always seems to happen in pairs. Mon Jul 13 12:17:40 2015 : Auth: (0) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [ 0000000000026311@aaaaa10.com/thisisatest] (from client name port 0) Mon Jul 13 12:17:49 2015 : Auth: (1) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [ 0000000000026311@aaaaa11.com/thisisatest] (from client name port 0) Mon Jul 13 12:17:53 2015 : Auth: (2) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [ 0000000000028649@aaaaa12.com/thisisatest] (from client name port 0) Mon Jul 13 12:17:57 2015 : Auth: (3) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [ 0000000000028649@aaaaa13.com/thisisatest] (from client name port 0) Mon Jul 13 12:18:00 2015 : Auth: (4) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [ 0000000000028471@aaaaa14.com/thisisatest] (from client name port 0) Mon Jul 13 12:18:05 2015 : Auth: (5) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [ 0000000000028471@aaaaa15.com/thisisatest] (from client name port 0) I have debugged this to the point where if I relax the 'if (cmp > 0) break;' in list_find to 'if (cmp > 0) continue;', forcing a further walk of the list, my users will be authenticated. At this point though, the reverse split-ordered list is a bit beyond me and I'm looking for some help. Any ideas? Is this enough for a defect? Thanks, Dylan