Troubleshooting

LDAP query test : getent

getent passwd must yield remote login names if LDAP queries are successful. See here.

LDAP authentication test :  su

su with a uid that has no entry in local passwd or shadow files. See here.

LDAP authentication test : pam_warn

Add the following line session session optional /lib/security/pam_warn.so to /etc/pam.d/login. Then open a console session. Then scan the system logs (/var/log/messages or secure or auth as the case may be)

SSL test

/etc/ldap.conf
existing line uri=ldaps://...
new line uri=ldap://

No network volume

/etc/security/pam_mount.conf
existing line debug=0
new line debug=1