Since all the RADIUS servers I've used (FreeRadius, Radiator, Cisco Access
Registrar) support authenticating against a number of different identity
storage backends (LDAP, RDBMSs, etc.) ... it would be interesting to know
what RADIUS server this is, and why you can't instead authenticate against
the same backend store that it uses ...
To me it really seems like you are doing one thing the wrong way around
because you have something else doing things the wrong way around.
The backend against which RADIUS authenticatate could be used, and it will
prbbaly be in the future, but that require major refactoring of some IT mess,
which is not in the short terms gaols.
Of course that RADIUS story is not The Right Way, but it is what I need right
now. This is the real world, you know...