It’s a usability choice, maybe good maybe bad. There’s plenty of blog post about masked password and usability. I think in this case an hidden password does not add more security.
It’s as secure as Linux filesystem permissions and Apache PHP module. That means it is not the best place where to store a secret, but should do the job
The password cannot be stored encrypted, because it must be decrypted, too, then sent across the network to the remote LDAP server (possibly through an SSL channel). So it is clear-text, but users of the system cannot read it (like other secrets, say httpd RSA private key…).
Anyway I suggest to store the credentials of an unprivileged account, because only read access is needed on the remote LDAP db.