diff --git a/system/etc/nsswitch.conf b/system/etc/nsswitch.conf index de9c533f07b..f557269d5bd 100644 --- a/system/etc/nsswitch.conf +++ b/system/etc/nsswitch.conf @@ -1,5 +1,6 @@ -passwd: compat -group: compat +passwd: ldap files +group: ldap files +shadow: ldap files hosts: files dns networks: files dns diff --git a/system/system.nix b/system/system.nix index fdf06eb5806..94e28b21626 100644 --- a/system/system.nix +++ b/system/system.nix @@ -115,9 +115,16 @@ rec { }; + # NSS modules. Hacky! + nssModules = [pkgs.nss_ldap]; + + nssModulesPath = pkgs.lib.concatStrings (pkgs.lib.intersperse ":" + (map (mod: mod + "/lib") nssModules)); + + # The services (Upstart) configuration for the system. upstartJobs = import ./upstart.nix { - inherit config pkgs nix; + inherit config pkgs nix nssModulesPath; }; diff --git a/system/upstart.nix b/system/upstart.nix index 6ceb2c92163..836a279346f 100644 --- a/system/upstart.nix +++ b/system/upstart.nix @@ -1,4 +1,4 @@ -{config, pkgs, nix}: +{config, pkgs, nix, nssModulesPath}: let @@ -80,6 +80,7 @@ import ../upstart-jobs/gather.nix { # Name service cache daemon. (import ../upstart-jobs/nscd.nix { inherit (pkgs) glibc pwdutils; + inherit nssModulesPath; }) # Handles the maintenance/stalled event (single-user shell). @@ -97,6 +98,7 @@ import ../upstart-jobs/gather.nix { (import ../upstart-jobs/sshd.nix { inherit (pkgs) writeText openssh glibc pwdutils; inherit (pkgs.xorg) xauth; + inherit nssModulesPath; forwardX11 = config.get ["services" "sshd" "forwardX11"]; allowSFTP = config.get ["services" "sshd" "allowSFTP"]; }) diff --git a/upstart-jobs/nscd.nix b/upstart-jobs/nscd.nix index 1e6b39dd9b3..2fcc86229b1 100644 --- a/upstart-jobs/nscd.nix +++ b/upstart-jobs/nscd.nix @@ -1,4 +1,4 @@ -{glibc, pwdutils}: +{glibc, pwdutils, nssModulesPath}: { name = "nscd"; 
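Review bot: In system/etc/nsswitch.conf the new `passwd`, `group` and `shadow` lines list `ldap` before `files`, so the directory answers first for every name, including local system accounts such as root. A directory entry (or a spoofed reply, if the LDAP connection is not authenticated) can then take precedence over a local account, and an unreachable server delays lookups of local users during boot and login. I would put the local files first, `passwd: files ldap` (same for `group` and `shadow`), with a comment above them saying the order is deliberate. Dropping `compat` also stops `+`/`-` entries in the local files from being honoured, which is worth a line in the commit message if it is intended.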
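Review bot: `nssModules = [pkgs.nss_ldap];` in system/system.nix is hard-coded, so every system built from this tree loads nss_ldap into nscd and sshd whether or not it uses LDAP. That puts directory-client code into two privileged daemons on hosts that gain nothing from it; the list should come from the system configuration and default to empty. The `# NSS modules. Hacky!` comment would help more if it said what the hack is, e.g. `# NSS modules are found through LD_LIBRARY_PATH in the jobs that do lookups; this affects all library resolution in those jobs.` The `rec` body continues outside the hunk.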
@@ -9,6 +9,8 @@ description \"Name Service Cache Daemon\" start on startup stop on shutdown +env LD_LIBRARY_PATH=${nssModulesPath} + start script if ! ${glibc}/bin/getent passwd nscd > /dev/null; then @@ -18,6 +20,8 @@ start script mkdir -m 0755 -p /var/run/nscd mkdir -m 0755 -p /var/db/nscd + + rm -f /var/db/nscd/* # for testing end script diff --git a/upstart-jobs/sshd.nix b/upstart-jobs/sshd.nix index 69be033316d..cc2c4ddea1b 100644 --- a/upstart-jobs/sshd.nix +++ b/upstart-jobs/sshd.nix @@ -1,4 +1,5 @@ { writeText, openssh, glibc, pwdutils, xauth +, nssModulesPath , forwardX11, allowSFTP }: @@ -32,6 +33,8 @@ description \"SSH server\" start on network-interfaces/started stop on network-interfaces/stop +env LD_LIBRARY_PATH=${nssModulesPath} + start script mkdir -m 0555 -p /var/empty
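Review bot: The added `env LD_LIBRARY_PATH=${nssModulesPath}` in the nscd job (and the identical line in the sshd job further down) changes library resolution for the whole daemon and for everything its start script runs, not only for NSS module lookup. Any shared object in one of those `lib` directories whose soname matches a library the daemon needs may be chosen ahead of the intended one, depending on how the binaries record their search paths, so the listed directories must only ever be immutable store paths. A comment above each line would make that constraint visible, e.g. `# Lets glibc dlopen libnss_*.so; entries must be store paths, never writable directories.` It would also be cleaner to emit the `env` line only when `nssModules` is non-empty, rather than setting the variable to an empty string.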
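Review bot: `rm -f /var/db/nscd/* # for testing` in the nscd start script is marked as test scaffolding but would ship with the job and wipe the persistent cache on every start. If clearing the cache is wanted, for example so that stale directory entries are not served after a restart, the comment should say so: `# Drop persistent caches so stale passwd/group entries do not survive a restart.` Otherwise the line should be removed before merging. The start script begins above the hunk.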