PAM and LDAP
Getting this going is a challenge. It needs some tweaks with PAM to get the authentication going. In order to get it to work we needed libpam-ldapd NOT to be confused with libpam-ldap.
libpam-ldapd brings with is changes to nsswitch.conf so that certain pam capable services are capable of using ldap. The ones we need are passwd, group and shadow