FreeRADIUS 3.0.25 with a singe backslash in user's password

Burn Zero burnzerog at
Fri Dec 3 08:42:06 CET 2021


I noticed some authentication issues recently and saw that it is due to
people using backslash \ in their passwords. If there is a single backslash
in the password, then FreeRADIUS adds another backslash to it and hence the
authentication is rejected.

I have:

In LDAP module,

update {
control:My-Raw-Password         += 'User-Password'

Then in authorize,

ntlm_auth.authorize {
  if (!control:Auth-Type && User-Password) {
    update control {
      User-Password := "%{string:control:My-Raw-Password}"
      Auth-Type := ntlm_auth

I searched several posts in this mailing list but I couldn't get it. Could
you please let me know how to parse the backslash as backslash and not to
add any extra backslash?

Thank you.


More information about the Freeradius-Users mailing list