lists.arthurdejong.org

[nssldap] nss ldap under RHEL 5 does first connects configured ldap server and than does dns lookup and tries to connect random ldap servers


Hello,
I have RHEL 5.3 nss_ldap connected to Active Directory. The
configuration (/etc/ldap.conf) is the following:

host 157.163.212.208

bind_policy soft

base DC=ww004,DC=glanzmann,DC=net
ldap_version 3

binddn CN=ADLDAPF,OU=ErlF,OU=User,OU=_CentralServices,DC=ww004,DC=glanzmann,DC=net
bindpw geheim

nss_base_passwd         DC=ww004,DC=glanzmann,DC=net?sub?uid=*
nss_base_shadow         DC=ww004,DC=glanzmann,DC=net?sub?uid=*
nss_base_group          DC=ww004,DC=glanzmann,DC=net?sub?gidNumber=*

nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_objectclass posixGroup group

nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute gecos displayname

nss_map_attribute group:cn displayName
nss_map_attribute uniqueMember member

schema rfc2307bis

When I do a "getent passwd" it shows the local users, the directory
users, and then hangs. By sniffing the connection, I see that it connects
to 157.163.212.208, does a search, gets the answer and even lists the
users. But then it does a DNS lookup for

        DomainDnsZones.ww004.glanzmann.net

and tries to connect to these servers, which results in a hang because there is a
firewall in place which makes it impossible to connect to the machines. Is there a
way to get rid of this annoying behaviour using a configuration option or do I
have to rebuild nss ldap?

        Thomas