radiusd -X -A output: http://pastebin.ca/444131 radius.conf: http://pastebin.ca/444132 OK Ive sorted that pesky ntlm_auth error, but I have encountered a new 1 (at least its something new :D ). The specific part of the error is below. rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to 10.1.1.11:389, authentication 0 rlm_ldap: could not set LDAP_OPT_X_TLS_REQUIRE_CERT option to allow rlm_ldap: bind as cn=freeradius,ou=admins,ou=radius,dc=tfxschool,dc=com/frpass to 10.1.1.11:389 rlm_ldap: waiting for bind result ... rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf rlm_ldap: (re)connection attempt failed rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns fail for request 1 modcall: leaving group authorize (returns fail) for request 1 It complains about my password in radius.conf. Here is the section in question: ldap { # !! I assume that mydomain is replaced with desired domain. server = 10.1.1.11 identity = cn=freeradius,ou=admins,ou=radius,dc=tfxschool,dc=com password = frpass #this is the basedn to do searches on a user basedn = ou=users,ou=radius,dc=tfxschool,dc=com #notice the username is the stripped user-name or user-name filter = (uid=%{Stripped-User-Name:-{User-Name}}) start_tls = no tls_mode = no #this maps ldap attributetypes to radius attributes dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_cache_timeout = 120 ldap_cache_size = 0 ldap_connections_number = 10 #password_header = {clear} #While integrating FreeRADIUS with Novell eDirectory, set #'password_attribute = nspmpassword' in order to use the universal password #of the eDirectory users for RADIUS authentication. This will work only if #FreeRADIUS is configured to build with --with-edir option. password_attribute = frpass I have created the user freeradius on the win2k3 server, added him to the groups admins and radius and set the password to frpass. All insights and suggestions welcome.