Pam, ldap and logging in

I can login fine but there is one quirk that I cannot seem to track
down. After entering the ldap password for a user, I receive a message
that says "Access denied for this service." It happens via ssh or
locally or gdm. But it still lets me login. It only happens for ldap users.
Here is my pam.d entries:

common-auth:
auth    sufficient      /lib/security/pam_ldap.so debug
auth    required        /lib/security/pam_env.so debug
auth    required        /lib/security/pam_unix2.so debug
auth     required       /lib/security/pam_nologin.so debug

common-account:
account sufficient      /lib/security/pam_ldap.so debug
account required        /lib/security/pam_unix2.so debug

common-password:
password sufficient     /lib/security/pam_ldap.so debug
password required       /lib/security/pam_unix2.so nullok use_first_pass
debug

common-session:
session sufficient      /lib/security/pam_ldap.so debug
session required        /lib/security/pam_limits.so debug
session required        /lib/security/pam_unix2.so debug