Oh totally - I'm not suggesting fiddling with the existing code, just noting that the reason the OP was getting the warning about User-Password versus Cleartext-Password was (I guess) rlm_ldap doing it, rather than anything he did.
I kind of like that idea. :-) The part were you blame rlm_ldap instead of me.