freeradius + edirectory + special caracters

David dav.dlp at
Sun Jun 11 13:52:57 CEST 2006



We are trying to use freeradius 1.1.2 to authentication our users on our
wired network (802.1X). 


Our architecture is the following:


Client                       switch

Windows Xp    ----->   Enterasys -----> freeradius 1.1.2 -----> edirectory 

ldaps      LUM


Once the user gets the authorisation access, it gets its vlan too and begins
the system logon to the NT server account and to the novell edirectory
account (fire sharing)

The users connect through Aegis client on XP SP2 operating system.

The NAS are ours switches (Enterasys V2 and C2)

The authentication schema is PEAP MSCHAPV2

The users’ base is edirectory which is accessed by freradius thanks to


We have configured edirectoty with Universal password and extend its schema
in order to add radius attributes. (as indicate in documentation given by


Its works except when the user’s password contains special characters.

By example,

If the user password is ale00000 the log is:

rlm_ldap: bind as uid=david ,ou=XXX,dc= XXX/ale00000

The authentication works.

If the user password is alé00000 the log is:

rlm_ldap: bind as uid=david ,ou=XXX,dc= XXX/blé00000


The authentication fails.


I have tried with others passwords and it gives

alé00000 --> blé00000

blé00000 --> alé00000

clé00000 --> alé00000

dlé00000 --> alé00000

rlé00000 --> alé00000

d&é »’(-è --> a&é »’(-è


any help will be welcome for any clue to solve this problem; (witch is a
real problem because a lot of our users come to see us when they change
theirs passwords)


By the way, excuse me for my approximate english.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list