As you know (or not ;), i have a little project to help handle LDAP authentication in GNU/Linux systems (somebody wants to help port it to OpenSolaris?), and a co-worker (Ernani), did a patch to adapt the code for the new ldap routines (ldap_init/initialize, etc). He give me his email (, if you have any questions. Many thanks to Ernani, and please give us feedback if you encounter any bugs.
PS.: This module (pam_hostscheck), works like a requisite in pam stack. Using a attribute (host) in the LDAP server, it checks if that user can “try” to authenticate on the machine/server. It’s one more level for security and access control.