Client Configuration: PAM

/etc/pam_ldap.conf

# Your LDAP server.
host 127.0.0.1

# The distinguished name of the search base.
base dc=example,dc=net

# Use the V3 protocol to optimize searches
ldap_version 2

# Filter to AND with uid=%s
#pam_filter objectclass=account

# The user ID attribute (defaults to uid)
#pam_login_attribute uid

pam_crypt local

/etc/pam.d/ssh - need similar for every app you want to use ldap

#%PAM-1.0
auth       sufficient   /lib/security/pam_ldap.so
auth       required     /lib/security/pam_pwdb.so shadow nullok try_first_pass
auth       required     /lib/security/pam_nologin.so
account    sufficient   /lib/security/pam_ldap.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   sufficient   /lib/security/pam_ldap.so
password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
session    sufficient   /lib/security/pam_ldap.so
session    required     /lib/security/pam_pwdb.so