julio, thanks for going through the trouble of making and sharing this.
I've followed your instructions and successfully built the RADIUS module. Authentication works perfectly from radtest (with mschap) and from a Mikrotik router (for L2TP authentication).
There's just one detail that is not working as expected: No matter what group I choose at Zentyal's web interface, the RADIUS server will authenticate ANY valid user, regardless of the user being part of the specified group or not. As long as it's a valid domain account, it'll reply with an "Accept-Accept".
I've checked that the group is correcly being set inside /etc/freeradius/users:
DEFAULT LDAP-Group == <group name>
and also tried to manually edit it, using the full DN, but it makes no difference:
DEFAULT LDAP-Group == "CN=group,OU=foo,DC=bar,DC=com"
I don't have any experience with Freeradius, so I'm a bit lost about what can be causing this.
Running Zentyal 4.1 x86 (old server), if it makes any difference.
Any help is very much appreciated.