Comment 96 for bug 423252

Regarding the pam_check_host_attr and pam_check_service_attr options of pam_ldap, nslcd has a pam_authz_search option that can replace functionality of those options (and much more). This option has been in nss-pam-ldapd since version 0.7.4.

Any other feature requests (and bug reports) are very much welcome on the nss-pam-ldapd-users mailing list.

Regarding the previous comment, could you file a bug report on the nss-pam-ldapd package if you think the problem is there? From the log it shows that only three lookups for the user "user333" came in. No authentication requests were done for that user (at least not through nslcd).