Indeed-for users that are bound to OpenLDAP its a massive issue. Without knowing those users exact setup its hard to know exactly what the issue is-the fact that its ONLY OpenLDAP servers is odd. The client must be receiving some sort of authentication succeeded message (you will note that it won't accept a blank password-so in that case OpenLDAP is responding with a failure). It may be a bug in Lion that triggers a bug in OpenLDAP.