This is related to the problem described in comment #2 on bug 2722. With the standard SLED11 PAM configuration, the login fails with "Access denied for LONGUSERNAME by PAM account configuration.". After changing common-account like this, it works:
#account requisite pam_unix2.so
#account sufficient pam_localuser.so
#account required pam_ldap.so use_first_pass
account sufficient pam_permit.so
However, this might not be the best solution. I wonder why it works on SLED11 and other distros.
*** This bug has been marked as a duplicate of bug 3246 ***