Auth against Windows AD, Radius and Umlauts in passwords

Hello,

Our setup:
Pritunl Windows Radius (Network Policy Server) Active Directory.

We have just identified the problem that passwords containing umlauts are rejected by the RADIUS server. Could this be due to Pritunl, so it could be fixed, or should we tell all users not to use umlauts in their passwords?
I have no real idea where to start.

There is a lot of string filtering for user inputs. But this is likely an issue with Python handling unicode when using the RADIUS API. The password is hashed in the pritunl/sso/radius.py file.