Thank you for that link aysiu.
Does Ubuntu do this by disabling logins with the "*" password trick, or is PAM used?
Using a persons own password for sudo is the way Mandrake sets things up. This allows you to let some users to run some root commands without having to reveal the root password. Here there is no root password to give out!