# the central access policy for use on the system. The default is to
# only deny service to users whose accounts are expired in /etc/shadow.
#
-account required pam_unix.so
+# Default was:
+#account required pam_unix.so
+#
+# LDAP config based on from http://wiki.debian.org/LDAP/PAM
+account required pam_ldap.so