LDAP authentification with passwords containing special characters

Norbert Kunth norbert.kunth at gmail.com
Wed Jul 22 16:54:43 CEST 2015


Hi everybody,

we use freeradius 2.1.1 and try to authenticate users via LDAP. But
there seems to be an issue if we use special characters (such as #).

#XxuwBw. is the correct user password

If the users connects I can see the following messages:

[...]
[ldap] Added User-Password = #XxuwBw. in check items
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
rlm_ldap: userPassword -> Password # "XxuwBw."
[ldap] looking for reply items in directory...
rlm_ldap: Failed to create the pair: Failed to find IP address for XxuwBw.

At this point something has removed the # and changed the password to XxuwBw.

Subsequently the authentication fails:

[...]
[chap] Using clear text password "XxuwBw." for user ABCDE authentication.
[chap] Password check failed


Are there any restrictions regarding the characters allowed?


Best regards
Norbert


More information about the Freeradius-Users mailing list