Backslash in AD Password

Alan DeKok aland at
Thu Jul 12 17:02:52 CEST 2018

On Jul 12, 2018, at 10:58 AM, Bernhard Knoll <Bernhard.Knoll at> wrote:
> is it possible to see what password a module is forwarding to an application?

  The debug output you posted to the list shows this.

> I have the problem that  I run freeradius with an external OTP Software (LinOTP) via a rlm_perl module.
> When I try to authenticate from a Cisco ASA with Anyconnect the authentication fails if there is a backslash in the username.
> If I try to authenticate directly agauinst the OTP Software it works with the backslash.
> In the radius -X log is see the password with escaped backslash:

  Yes... that's how it works.  Special characters are escaped.  With backslashes.

> Is there  a way to see if freeradius sends the password with 2 backslashes?

  The debug output?

  Or, you can edit the Perl function to print out each individual character in the password.

  Alan DeKok.

More information about the Freeradius-Users mailing list