solved!
A co-worker and I have been working this for a long time, and he won't post
his findings for posterity.

While using dtrace we began to suspect that it might be libraries and
linking issues, so he start reading up on other linking issues with Solaris.

Here's his findings and the solution:
###############################################################

THE MOST AWESOME AND GRAND THING... or ....

"How to get php to compile with LDAP (proper nsswitch) support on Solaris

10" #
#-------------------------------------------------------------#
###############################################################

1. grep through the entire codebase of php (and any dependency
   application you've been trying to build, for inclusion as a
   dependency within php), and look for the following string:

-assert pure-text

You'll find this as an LD (linker) argument, which works
on pre-SunOS4.x, but not SunOS5.x (including Solaris 10).

Replace each instance with "-G" instead.

Use gmake instead of make.

Add the library paths, as you'd need them to be using an
LDFLAG like so:

LDFLAG -R/lib-path1:/lib-64-bit-path

This builds the executable with the absolute path of the
libraries it needs, instead of relying on the correct
paths being in the session's LD_LIBRARY_PATH.

2. Pray

I posted this yesterday to the install group, but I think maybe it should
be internals group.
I am wondering if there is a problem with the getgid, getegid or set
versions. How can I test this to find the problem?

---

I've got a funny issue, and it has been narrowed down to something with
PHP5 on my Solaris10 boxes.

the S10 boxes are running as LDAP clients (using LDAP instead of NIS) in
the proxy configuration, pam_unix.
With the PHP5 module loaded the Apache daemon user does not know of his
secondary groups from the LDAP, only his primary group (as defined in the
httpd.conf, not necessarily as handed by the LDAP) plus any local groups
in /etc/group if there are any. Which I don't want there to be, because
that's the purpose of using the LDAP.

I took the Apache supplied printenv perl script in cgi-bin and added this
info to demonstrate the problem:
print "Data about the running process:<BR>

<pre> Real user id : $< Effective user id : $> Real group id : $( Effective group id : $) </pre><br>\n";

The output with PHP5 module loaded, where 99 is a local group and 42 is
the default group (and in ldap):

Real user id : 10
Effective user id : 10
Real group id : 42 99 42
Effective group id : 42 99 42

The output without PHP5 loaded:

Real user id : 10
Effective user id : 10
Real group id : 42 7000 775 124 60010 602 60009 125 216 60008 42
Effective group id : 42 7000 775 124 60010 602 60009 125 216 60008 42

I've tried recompiling PHP with and without LDAP libraries, --enable-yp...
I played with the safe_mod and safe_mode_gid settings, setting them 0,1,
1,1, 0,0 and had no change.

I am running both Apache and PHP with full 64bit binaries. That was no
small feat.

Any ideas or help?

--
-Kevin

--
-Kevin