Update that installs SSSD breaks NIS user login

An update to Vivid, Wily and Trusty appears to install a new security demon called sssd. This adds itself to /etc/nsswitch.conf and alters /etc/pam.d/common-account in such away that causes NIS user accounts to be unable to login on a graphical console or via SSH.

When su is used to this user, the following message appears:

su: authentication service cannot retrieve authentication info (ignored)

An attempt to login with the correct password via ssh will result in a very uninformative:

connection closed by xxx.xxx.xxx.xxx

In /var/log/auth.log, the following is recorded:

Nov 6 07:03:15 yakut lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "user"

Nov 5 20:33:17 yakut lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "user"
Nov 5 20:33:20 yakut lightdm: pam_unix(lightdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=user

I could not block the installation of sssd using apt-mark because the package is not yet installed. This means it will spread to other clients when the next update is done.