From what you're saying I believe I need to put in the LDAP config for our eDirectory and uncomment any LDAP authorisation/authentication entries. Anything else?
Then I can use radtest to test the authentication?
Yes. First test with user file entry, then with entry in the directory.
How does the config know to use PAP rather than CHAP/MSCHAP?
Welcome to Freeradius. Server will figure it out "on it's own" (it can determine what type of a request it is) and apply the appropriate processing (ie. set Auth-Type itself). Once pap is working you can send a mschap request (radtest doesn't do it but something like JRadius Simulator can) to make sure that works (you haven't encrypted the password or such) before sending a PEAP request. Ivan Kalik Kalik Informatika ISP