TeamWorks supports authentication using IDs and credentials that are validated with the LDAP identity source from which they were provisioned. The credentials from these LDAP providers are cached within TeamWorks, but they are never really synchronized from the LDAP provider.
Local users that are not provisioned via LDAP have their local credentials stored in TeamWorks. These credentials are secured, encrypted, and protected.