rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 0 rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. modcall[authorize]: module "pap" returns noop for request 0
The ldap module didn't find a password for the user, thus the PAP module couldn't authenticate the user. I don't know enough about eDirectory to help much more; I can say that a "normal" LDAP server might contain entries of the form: dn: cn=user,ou=.... cn: user objectClass: top objectClass: person userPassword: {CRYPT}xxxxxxxx ...or similar, and the ldap module is smart enough to figure it out. As Ivan has pointed out, I suspect this line higher up is the issue:
rlm_ldap: No default NMAS login sequence
A quick read through the source code indicates the mysterious NMAS is novell universal auth / password / blah.