Turned off openldap because it just had too many problems. My biggest issue was that it would allow ssh logins to a machine, but it would not allow console logins. I have no idea why. Since, in our case, most of the logins are console logins, this turned out to be a HUGE problem. I’ll continue to test openldap with a test case, but definitely cannot yet use it on our production machines. I’ll have to come up with a different way of syncing passwords between machines.