Hi all, I'm using freeradius+LDAP for the PPPoE dialup access control for a while. Lately I noticed there is weird issue whereby an user login with username as "user=5C=5C=5C=5Cuser@domain" and surprisingly freeradius allow it to login although the actual username should be "user@domain". I've run radius in -X mode and capture the log for your reference as below. In radiusd -X, we noticed server received Access-Request with username "user=5C=5C=5C=5Cuser@domain" but when reach to radius_xlat, the uid will become "user" only and when it query my LDAP the account for "user" is available and it will accept the access request. The question is why "user=5C=5C=5C=5Cuser" = "user"? We try the username with xC (i.e. 1C, 2C, 3C and so on...) and all are able to login because radius will take as user@domain. After login, the username in radacct will become "user=5C=5C=5C=5Cuser@domain" instead of "user@domain". As the consequence, the smart user may have multiple logins (by using user=1C/2C/3C....) and the records in radacct is different and therefore we will out of control for multiple login with single account. Any idea to fix this? rad_recv: Access-Request packet from host 127.0.0.1:32877, id=87, length=93 User-Name = *"user=5C=5C=5C=5Cuser@domain"* User-Password = "password" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 rlm_ldap: performing user authorization for *user=5c=5c=5c=5cuser* radius_xlat: * '(uid=user)'* Regards -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.