In testing pam_ldap for authentication of samba users I discovered that pam is not used. Adding auth required pam_warn.so to /etc/pam.d/samba does not result in warnings in syslog. Changes to /etc/passwd /etc/shadow are effective so it appears to be reading them directly instead of using pam. I am not using samba encrypted passwords. I suspect that --with-pam option is not used during your samba build for the rpm per following quote from www.samba.org: Samba 2.x detects whether your OS has PAM (Pluggable Authentication Module) support at compile time and uses it if it is available. We have fixed this for the next release of Samba (version 2.0.4) by adding a --with-pam configure option. If you don't use that option then PAM won't be used.
Source RPM showed option correct in build. Dug a little deeper and got it working. I believe that once /etc/smbpasswd (which had passwords sync'd with the unix passwords) was removed samba utilized pam correctly. Please close this bug.