SBR RADIUS returning a string attribute with an additional character in the Access-Accept packet
3 years ago
Originally Published: 2022-04-07
Article Number
000067886
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.5
Issue
- After configuring a RADIUS profile for a certain Return Attribute, the authentication is successful. However, the packet capture shows the attribute returned having an additional character at its end.
- The first capture shown below is for a test environment, while the second one is from the RSA RADIUS server. An additional byte was introduced "Null Character".
image.pngimage.png
Cause
- In Steel-Belted Radius, the NoNullTermination flag in the radius.ini configuration file allows return attributes to be sent with a null character at its end if set to 0.
- By default, its value is set to 0.
image.png
Resolution
1. Log in to the Operations Console of the primary server.
2. From Deployment Configuration > RADIUS Servers
3. When prompted, enter the Super Admin credentials.
4. Navigate to the Server NameManage Server Files.
3. In the Configuration Files tab, edit radius.ini.
4. Navigate to the NoNullTermination parameter, remove the comment ";" and change its value to 1
5. Save and restart the RADIUS service.
6. The Return Attribute is shown as it is with no additional characters.
7. Repeat steps 1-5 for every RADIUS replica server in your deployment.
Workaround
N/A
Notes
N/A

Related Articles

Trending Articles

Don't see what you're looking for?