Client Configuration question

Hi all,

I am pretty new to PAM so the following question might sound trivial. I installed a configured PAM on a test server, everything works when configured to use a proxy user. What I would like to do is to have the logging in user to perform a BIND operation towards the LDAP:

1 Is this possible? Is this possible without using ldap over SSL?
2 How (which parameter should I change and which value should it have?)

Thanks in advance

Sergio