After upgrade from 4.1.1 to 4.1.6 all Radius authentication attempts fail with "Bad user ID or Password". You don't see any communication to the Radius server.

Affects PAM releases 4.1.4-4.1.6

The problem is observed when the Radius secret includes an open square bracket character "[". The Radius client used by PAM had a problem with that after IPv6 support was added in the 4.1.4 release.

The problem is fixed in 4.1.7+. The fix also is in 4.2 GA, but there is a residual problem in 4.2 that requires an additional fix, which is included in hotfix 4.2.0.03.

For 4.1.6 hotfix 4.1.6.01 needs to be applied to resolve the problem.

In one case this problem came back after applying cumulative hotfix 4.1.6.50. If you have this problem after applying the cumulative hotfix, open a case with PAM Support.