Admin should not be able to set an LDAP user's local password
When a user has an LDAP identity, they are unable to set a local password. This makes sense from a security perspective - a user should be required to use their LDAP password for all authentication. However, an admin can still set a local password for an LDAP user. I can't think of a reason an admin would need to do this, and it could cause confusion and be less than desirable for security reasons. We should disable or remove the password fields from the admin edit user form.