Comment 36 for bug 423252

bl8n8r (bl8n8r-gmail) wrote : Re: NSS using LDAP on Karmic breaks 'su' and 'sudo'

Looks like it's still busted with the latest 'aptitude upgrade' in Karmic 64-bit Server.
I tried to work-around by copying /lib/libnss_ldap-2.8.so /lib/libnss_ldap.so.2 and /usr/lib/libnss_ldap.so
from Jaunty host to karmic host (as questioned above) but 'su -' still failed.

From root, 'su -' to a localuser is fine, but if we 'su -' from localuser to an ldap user we get errors:
[root@karmic64 ~]
# su - localuser
localuser@karmic64:~$ su - ldap_user384
Password:
setgid: Operation not permitted

If we 'su -' from root to an ldap user, it works OK:
[root@karmic64 ~]
# su - ldap_user384
No directory, logging in with HOME=/
[ldap_user384@karmic64 /]
$

We can also 'su -' from an ldap user to a local user successfully:
[ldap_user384@karmic64 /]
$ su - localuser
Password:
localuser@karmic64:~$

- nscd is running but does not fix the problem
- ldap is running over SSL
- 'ssl off' in /etc/ldap.conf and /etc/ldap/ldap.conf does not fix problem
- nsswitch.conf has "files ldap" for group, shadow and passwd