I have made great progress but still need assistance with the individual authentication being passed to the MS ldap. Using ldapsearch I have access to all the records. Using "ntlm_auth --request-nt-key --domain=xxxx1 --username=radtest" works as well. What I see is that "rlm_realm" finds no realm and is not able to pass authentication. Why is the "NAS-IP-Address = 255.255.255.255"? Is it that my request from the localhost " radtest radtest userpass xxxx1.xxxx2.edu 0 testing123" has syntax errors? rad_recv: Access-Request packet from host 10.1.1.27:32800, id=87, length=77 --- Walking the entire request list --- Waking up in 31 seconds... Thread 3 got semaphore Thread 3 handling request 7, (2 handled so far) User-Name = "radtest@xxxx1.xxxx2.edu" User-Password = "userpass" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 7 modcall[authorize]: module "preprocess" returns ok for request 7 modcall[authorize]: module "chap" returns noop for request 7 modcall[authorize]: module "mschap" returns noop for request 7 rlm_realm: Looking up realm "xxxx1.xxxx2.edu" for User-Name = "radtest@xxxx1.xxxx2.edu" rlm_realm: No such realm "xxxx1.xxxx2.edu" modcall[authorize]: module "suffix" returns noop for request 7 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 7 users: Matched entry DEFAULT at line 152 modcall[authorize]: module "files" returns ok for request 7 rlm_ldap: - authorize rlm_ldap: performing user authorization for radtest@xxxx1.xxxx2.edu radius_xlat: '(uid=radtest@xxxx1.xxxx2.edu)' radius_xlat: 'ou=Users,dc=xxxx1,dc=xxxx2,dc=edu' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=Metro Users,dc=xxxx1,dc=xxxx2,dc=edu, with filter (uid=radtest@xxxx1.xxxx2.edu) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 7 modcall: group authorize returns ok for request 7 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 7 modcall[authenticate]: module "unix" returns notfound for request 7 modcall: group authenticate returns notfound for request 7 auth: Failed to validate the user. Delaying request 7 for 1 seconds Finished request 7 Going to the next request Thread 3 waiting to be assigned a request rad_recv: Access-Request packet from host 10.1.1.27:32800, id=87, length=77 Sending Access-Reject of id 87 to 10.1.1.27:32800 --- Walking the entire request list ---