PEAP w/MSCHAP wont work against LDAP. You would have to load an EAP-GTC enabled supplicant (The Windows native supplicant doesnt do EAP-GTC) on each device you wanted to allow on your network.
If you have to upgrade, you might want to consider Aruba ClearPass Policy Manager. It's a full featured RADIUS server and is (IMHO) easier to setup, configure and debug than IAS/NPS (or any other RADIUS vendor's product).