We've recently upgraded our Device Manager to 4.1(3a) and have a mix of switches running this version as well as older versions (3.3(3)). We use AAA tacacs+ on the switches to a Cisco ACS server for user authentication. The ACS server backends out to our Windows Domain authentication service. Typically usernames are formatted as follows: domain\username
This has worked fine for a long time, however now DM 4.1(3a) can't authenticate a user on a 3.3(3) switch. Various debugs and logs on the ACS point to problems handling the \ character in the username. A single \ gets "eaten" by either DM or the switch(don't know which) and the ACS sees a login attempt from domainusername, which of course fails. A \\ doesn't work either, in this case both \ characters are passed through to the ACS which now see a login attempt from domain\\username which also fails.
Looked at all the release notes, CCO bug searches, google and previous forum articles and found nothing on this.
Any help would be appreciated.