Authenticate with Window NPS Radius Server Failed

[ibuler]

Error is:

    return super().authenticate(*args, **kwargs)
  File "/Users/guang/vm/py/py36/lib/python3.6/site-packages/radiusauth/backends/radius.py", line 211, in authenticate
    result = self._radius_auth(server, username, password)
  File "/Users/guang/vm/py/py36/lib/python3.6/site-packages/radiusauth/backends/radius.py", line 174, in _radius_auth
    return self._perform_radius_auth(client, packet)
  File "/Users/guang/vm/py/py36/lib/python3.6/site-packages/radiusauth/backends/radius.py", line 154, in _perform_radius_auth
    cl = cl.decode("utf-8")
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xae in position 0: invalid start byte

I found the reply bytes is:

AuthPacket([(7, [b'\x00\x00\x00\x01']), (6, [b'\x00\x00\x00\x02']), (25, [b"\xaeu\t\t\x00\x00\x017\x00\x01\x02\x00\xac\x10\n&\x00\x00\x00\x00p\xf8\xd6'=\xd9\x9e\xe2\x01\xd6g#b=_\x82\x00\x00\x00\x00\x00\x00\x00\x05"])])

So I try ... except continue with be resolve

[tbiens]

The fix I found was on lines 144, 145 set is staff and is superuser to True. Then remove lines 147 to 162. Every auth against radius does mean superuser but it works.

[mngan]

I believe that Windows NPS is setting this attribute itself and you can't really control it. I recall trying and NPS broke when I tried to override it. I was only able to work around this by overriding the _perform_radius_auth() method as @tbiens had suggested. I did this by creating a new subclass and then referencing that class in AUTHENTICATION_BACKENDS