Comment 6 for bug 1350778

I don't think the configuration upgrade code is the issue here (that would probably only cause issues with some downgrades). Furthermore, from a quick glance it seems the patch disables debconf configuration altogether.

The Debian packages contains numerous fixes to the debconf handling and configuration parsing that most likely fix the above issues:

* don't clear the tls_reqcert option when using ssl without the start_tls option or an ldaps:// URL
  fixed in 0.8.8-3 (Debian bug https://bugs.debian.org/672301)
  patch: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1687&view=revision

* fix a problem in sed logic for commenting out disabled options
  fixed in 0.8.10-3 (Debian bug https://bugs.debian.org/689296)
  patch: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1777&view=revision

* make whitespace matching consistent in regular expressions
  fixed in 0.8.5
  patch: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1543&view=revision

* get the first configuration value instead of the last because that one is also written
  fixed in 0.8.5
  patch: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1567&view=revision

* properly parse and write configuration options with an optional map parameter during debconf configuration
  fixed in 0.8.10-2 (Launchpad bug https://bugs.launchpad.net/bugs/1029062)
  patch: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1740&view=revision

* properly handle preseeding and reading values from the configuration file by forcefully overwriting debconf values from nslcd.conf and not overwriting debconf values when reading other configuration files
  fixed in 0.8.13-2 (Debian bug https://bugs.debian.org/717063)
  patch: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=2016&view=revision