Re: How do PAM and LDAP like each other?
Generally, it works something like this
PAM functionality is defined by modules ( *.so libraries) that are loaded. LDAP functionality is provided through pam_ldap.so.
When the user logs in, or does anything that requires pam, the system looks up the corresponding PAM file (there are ones for login, proftpd, pureftpd, .etc .etc), and auths using the libraries listed there. If you have the LDAP library loaded, it either looks into pam_ldap.conf (this is for fedora, the settings are placed elsewhere in other distros) for the information used to access the LDAP server (i.e. bind password, address) or in some configurations, this is done through the nslcd backend (/etc/nslcd.conf) instead. The nslcd method uses libpam-ldapd (the same backend as NSS (libnss-ldapd)), while the older method uses libpam-ldap.
This explanation is a bit simplified (no explanation of the auth required/ account required, .etc .etc), but it should suffice
Don't waste your energy trying to change opinions ... Do your thing, and don't care if they like it.