I use LDAP authentication on several Web servers. For the first time, I have a Web application that I want to open to customers as well as staff. Usually, I just put the users into a group. Apache validates the password against LDAP and checks for group membership, and either accepts or rejects the request. The relevant Apache configuration looks like this:

AuthLDAPURL "ldap://ldap1.domain.com/ou=people,dc=domain,dc=com" STARTTLS
AuthLDAPGroupAttribute memberUid
require ldap-group...