In order to use LDAP+Radius authentication with PAM it is necessary that the contents of a field in LDAP match the user in Radius. The way to do this is to configure Unique Attribute field for the LDAP server, on the 3rd Party page, so that it references the field in LDAP that contains the value that is the same as the user configured on the Radius server. Typically, this field should be samaccountname= or userprincipalname=, but it will depend on the configuration of your LDAP server. Take a look at the attached document for more detail.