Comment 21 for bug 1410195

Might be related to bug 781737. pam-ldap/nss-ldap dropping privileges is, AFAIK, caused by libgcrypt (bug 423252). If this is the same bug, then the pending openldap merge (bug 1395098) will resolve it, as gcrypt will no longer be used. But switching to nss-pam-ldapd is a good recommendation anyway, since the older modules are dead upstream.