ADAMS,
If you use LDAP, you have to install and manage supplicant software on all the laptops that needs to authenticate, and then you will NOT be able to do machine authentication. LDAP is challenging to implement for 802.1x. If the users need machine authentication, you will have to switch away from LDAP and then use radius anyway. You should use radius from the beginnning.