I'm currently working on a very dirty hack to solve this problem.
since this nss-ldap bug is old and unsolved. I pushed nss-ldap out of the way and i made a programm which gets everything from AD and writes directly user and groups infos in /etc/passwd and /etc/groups
in etc/passwd, password is set to 'x'. so, as there is no record in /etc/shadow, auth pam_unix fails but auth pam_krb5 can still work. in the end everything works incredibly well with my 700 users AD but this is really a VERY DIRTY hack. its design is specific to my system i've got no time to make some sort of package. So, no download links. (sorry)
If you want to use it anyway, ask directly to me at [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
