> Full output of freeradius -X after command
>
> [local] performing search in dc=ourcorp,dc=net, with filter (uid=abx)
> [local] checking if remote access for abx is allowed by dialupAccess
> [local] Added User-Password = 1D*************************************9B in check items
And… that’s the issue. You’ve configured it to get the User-Password from LDAP.
> [local] No default NMAS login sequence
> [local] looking for check items in directory...
> [local] sambaNtPassword -> NT-Password == 0x31***********************************************************************42
That means it’s not using the NT-Password.
> Found Auth-Type = PAP
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> !!! Replacing User-Password in config items with Cleartext-Password. !!!
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> !!! Please update your configuration so that the "known good" !!!
> !!! clear text password is in Cleartext-Password, and not in User-Password. !!!
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
It helps to READ these messages and fix the problem. If you had done that, it would have worked.