FreeRadius with Samba 4 using NTLM

I was following this tutorial: http://wiki.freeradius.org/guide/freeradius-active-directory-integration-howto to setup AD integration but I am still experiencing problem with FreeRadius.

When I use

radtest -t mschap "username" "password" localhost 1812 testing123 

it returns:

Received Access-Reject Id 250 from 127.0.0.1:1812 to 127.0.0.1:59482 length 38
        MS-CHAP-Error = '\000E=691 R=1'
(0) -: Expected Access-Accept got Access-Reject

Anyway when I try(NTLM String should be correct):

sudo -u radiusd ntlm_auth --username="MyUserName" --request-nt-key
Password:
NT_STATUS_OK: Success (0x0)

When I start radiusd -X I can see errors:

(1)  mschap : EXPAND --challenge=%{%{mschap:Challenge}:-00}
(1)  mschap :    --> --challenge=4052dcf90b2dec2c
(1)  mschap : EXPAND --nt-response=%{%{mschap:NT-Response}:-00}
(1)  mschap :    --> --nt-response=617c94e4b57451ef769181355abf9a297ba5bb05d1938891
Program returned code (1) and output 'Logon failure (0xc000006d)'
(1)  mschap : External script failed
(1)  ERROR: mschap : External script says: Logon failure (0xc000006d)
(1)  ERROR: mschap : MS-CHAP-Response is incorrect
(1)   [mschap] = reject
(1)  } # Auth-Type MS-CHAP = reject
(1) Failed to authenticate the user

But I was not able to find any solutions. Any idea how to debug this or what could be wrong?

the 'return code' (0xc000006d) indicate that the ntlm_auth script don't authenticate the provided credentials and exit with code 1. So, I would try to 'hard code' the ntlm_auth in the mods-available/mschap with your control items and add item by item. E.g.:

ntlm_auth = 'ntlm_auth --username="MyUserName" --request-nt-key --password="MyUserPassword"'

Hope that helps.