Comment 87 for bug 423252

For me both workarounds in the release notes aren't very usable, unfortunately.
I can't use libnss-ldapd as the pam_check_host_attr and pam_check_service_attr options in libnss-ldap are essential for me, but as Ian Gordon wrote libnss-ldapd doesn't support these.
The other solution (nscd) is usable, but only as long as nscd doesn't crash. The past told us nscd isn't the most stable daemon in the world unfortunately.