--- configure.ac.orig	2009-10-17 20:09:01.000000000 +0400
+++ configure.ac	2009-12-20 19:58:24.000000000 +0300
@@ -160,6 +160,20 @@
   AC_DEFINE(ENABLE_CONFIGFILE_CHECKING,1,[Whether to check configfile options.])
 fi
 
+# check whether nss_compat options should be checked
+AC_MSG_CHECKING([whether to check nss_compat option])
+AC_ARG_ENABLE(nss_compat_checking,
+              AS_HELP_STRING([--enable-nss_compat],
+                             [check nss_compat option [[default=no]]]),
+              [nss_compat_checking=$enableval],
+              [nss_compat_checking="no"])
+AC_MSG_RESULT($nss_compat_checking)
+if test "x$nss_compat_checking" = "xyes"
+then
+  AC_CHECK_HEADERS([libgen.h], [], [AC_MSG_ERROR([libgen.h is required for nss_compat])])
+  AC_DEFINE(ENABLE_NSS_COMPAT,1,[Whether to check nss_compat options.])
+fi
+
 # check the name of the configuration file
 AC_ARG_WITH(ldap-conf-file,
             AS_HELP_STRING([--with-ldap-conf-file=PATH],
--- nslcd/cfg.c.orig	2009-10-05 21:47:47.000000000 +0400
+++ nslcd/cfg.c	2009-12-20 18:10:37.000000000 +0300
@@ -33,6 +33,9 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <unistd.h>
+#ifdef ENABLE_NSS_COMPAT
+#include <libgen.h>
+#endif
 #include <errno.h>
 #include <netdb.h>
 #include <sys/socket.h>
@@ -665,6 +668,25 @@
   int rc;
   char *value;
 #endif
+#ifdef ENABLE_NSS_COMPAT
+  /* get secret password */
+  snprintf(linebuf, sizeof(linebuf), "%s/nss_ldap.secret", dirname(filename));
+  if ((fp=fopen(linebuf,"r"))==NULL)
+  {
+    log_log(LOG_ERR,"cannot open secret file (%s): %s",linebuf,strerror(errno));
+    /* exit(EXIT_FAILURE); */
+  }
+  else if (fgets(linebuf,MAX_LINE_LENGTH,fp)!=NULL)
+  {
+    i=strlen(linebuf);
+    if (i>0)
+      linebuf[i-1]='\0';
+    cfg->ldc_bindpw=strdup(linebuf);
+  }
+  if (fp!=NULL)
+    fclose(fp);
+#endif
+
   /* open config file */
   if ((fp=fopen(filename,"r"))==NULL)
   {
@@ -733,13 +755,20 @@
       get_int(filename,lnr,keyword,&line,&cfg->ldc_version);
       get_eol(filename,lnr,keyword,&line);
     }
+#ifdef ENABLE_NSS_COMPAT
+    else if (strcasecmp(keyword,"rootbinddn")==0)
+#else
     else if (strcasecmp(keyword,"binddn")==0)
+#endif
     {
       get_restdup(filename,lnr,keyword,&line,&cfg->ldc_binddn);
     }
     else if (strcasecmp(keyword,"bindpw")==0)
     {
-      get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw);
+#ifdef ENABLE_NSS_COMPAT
+      if (cfg->ldc_bindpw == NULL)
+#endif
+        get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw);
     }
     /* SASL authentication options */
     else if (strcasecmp(keyword,"sasl_authcid")==0)