Bug 251258 - Sendmail does not accept mail from OpenLDAP users
Status: New
Product: Base System
Classification: Unclassified
Component: bin
Version: 12.2-STABLE
Hardware: Any Any
Importance: --- Affects Some People
Assignee: freebsd-bugs (Nobody)
Reported: 2020-11-19 16:41 UTC by kheuer
Modified: 2020-11-19 16:41 UTC
Description kheuer 2020-11-19 16:41:08 UTC
After upgrading from 11.4 to 12.2 via freebsd-update, only users found in the local user database can still send mail via sendmail as the submission program. Mail from users who exist only in the remote OpenLDAP database gets rejected. All other system components using OpenLDAP via pam_ldap and nss_ldap work as expected.

Installed: nss_ldap-1.265_13, pam_ldap-1.8.6_3

Query for OpenLDAP user:

fbsdhost# getent passwd | grep user
user:*:1001:20:User Name:/home/user:/bin/tcsh

Sendmail configuration:

fbsdhost# cat /etc/mail/gwdu60.gwdg.de.submit.mc
divert(-1)
#
# Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers.
#	All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#

#
#  This is the FreeBSD configuration for a set-group-ID sm-msp sendmail
#  that acts as a initial mail submission program.
#

divert(0)dnl
VERSIONID(`$FreeBSD: releng/12.2/etc/sendmail/freebsd.submit.mc 363465 2020-07-24 00:22:33Z gshapiro $')
define(`confCF_VERSION', `Submit')dnl
define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
define(`confTIME_ZONE', `USE_TZ')dnl
define(`confDONT_INIT_GROUPS', `True')dnl
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
dnl
dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:0:0:0:0:0:0:0:1]
FEATURE(`msp', `[relay.ourdomain.de]')dnl

Local user:

fbsdhost% echo Test | mail -s test user@ourdomain.de
user@ourdomain.de... Connecting to [127.0.0.1] via relay...
220 fbsdhost.gwdg.de ESMTP Sendmail 8.16.1/8.16.1; Thu, 19 Nov 2020 17:18:39 +0100 (CET)
>>> EHLO fbsdhost.gwdg.de
250-fbsdhost.gwdg.de Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
>>> STARTTLS
220 2.0.0 Ready to start TLS
>>> EHLO fbsdhost.gwdg.de
250-fbsdhost.gwdg.de Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> MAIL From:<user@fbsdhost.ourdomain.de> SIZE=39
250 2.1.0 <user@fbsdhost.ourdomain.de>... Sender ok
>>> RCPT To:<user@ourdomain.de>
>>> DATA
250 2.1.5 <user@ourdomain.de>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 0AJGIdfE048266 Message accepted for delivery
user@ourdomain.de... Sent (0AJGIdfE048266 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 fbsdhost.ourdomain.de closing connection

OpenLDAP user:

fbsdhost% echo Test | mail -s test user@ourdomain.de
kheuer@gwdg.de... Connecting to [127.0.0.1] via relay...
220 fbsdhost.ourdomain.de ESMTP Sendmail 8.16.1/8.16.1; Thu, 19 Nov 2020 17:17:27 +0100 (CET)
>>> EHLO fbsdhost.ourdomain.de
250-fbsdhost.ourdomain.de Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
>>> STARTTLS
220 2.0.0 Ready to start TLS
>>> EHLO fbsdhost.ourdomain.de
250-fbsdhost.ourdomain.de Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> MAIL From:<user@fbsdhost.ourdomain.de> SIZE=39
user@ourdomain.de... Deferred
Closing connection to [127.0.0.1]

/etc/nsswitch.conf:

#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: releng/12.2/lib/libc/net/nsswitch.conf 338729 2018-09-17 18:56:47Z brd $
#
group: files ldap
hosts: files dns
netgroup: compat
networks: files
passwd: files ldap
shells: files
services: compat
protocols: files
rpc: files

Best regards
Konrad Heuer
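
A triage helper for the two verbose transcripts in the report above, as an added example that is not part of the original report or of sendmail: it pairs each `>>>` command with the final reply line that answers it, allowing for PIPELINING, and lists commands that never received a reply. The names `triage`, `LOCAL_USER` and `LDAP_USER` are this example's own, and the sample transcripts are abridged from the report.

```python
import re
from collections import deque

REPLY = re.compile(r"^(\d{3})([ -])")   # SMTP reply; "-" marks a continuation line
STATUS = re.compile(r"^\S+@\S+\.\.\. (Deferred|Sent)\b")   # client-side verdict line

def triage(transcript):
    """Pair each client command with the final reply line that answers it."""
    pending = deque(["(greeting)"])   # the server speaks first, before any command
    answered, verdict = [], None
    for line in transcript.splitlines():
        line = line.strip()
        if line.startswith(">>> "):
            # With PIPELINING several commands can be outstanding at once.
            pending.append(line[4:].split()[0].upper())
        elif (m := REPLY.match(line)) and m.group(2) == " " and pending:
            answered.append((pending.popleft(), m.group(1)))
        elif (m := STATUS.match(line)):
            verdict = m.group(1)
    return {"answered": answered, "unanswered": list(pending), "verdict": verdict}

# Sample input abridged from the report's transcripts (STARTTLS exchange omitted).
LOCAL_USER = """\
220 fbsdhost.gwdg.de ESMTP Sendmail 8.16.1/8.16.1
>>> EHLO fbsdhost.gwdg.de
250-fbsdhost.gwdg.de Hello localhost [127.0.0.1], pleased to meet you
250-PIPELINING
250 HELP
>>> MAIL From:<user@fbsdhost.ourdomain.de> SIZE=39
250 2.1.0 <user@fbsdhost.ourdomain.de>... Sender ok
>>> RCPT To:<user@ourdomain.de>
>>> DATA
250 2.1.5 <user@ourdomain.de>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 0AJGIdfE048266 Message accepted for delivery
user@ourdomain.de... Sent (0AJGIdfE048266 Message accepted for delivery)
>>> QUIT
221 2.0.0 fbsdhost.ourdomain.de closing connection
"""
LDAP_USER = """\
220 fbsdhost.ourdomain.de ESMTP Sendmail 8.16.1/8.16.1
>>> EHLO fbsdhost.ourdomain.de
250 HELP
>>> MAIL From:<user@fbsdhost.ourdomain.de> SIZE=39
user@ourdomain.de... Deferred
Closing connection to [127.0.0.1]
"""
```

For the OpenLDAP user's transcript, `triage(LDAP_USER)` reports `MAIL` as the only unanswered command: the client printed `Deferred` without showing any SMTP reply to it.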