AD has an inactivity/idle default timeout of 900 seconds. I suspect you can google to find the setting name, and where it's stored, in your AD server(s).Hope that helps.- MatthewOn Dec 10, 2012, at 8:35 PM, Bryce Powell wrote:Having done some more research, it appears that Active Directory also has some settings that could result in disconnected connections. I experimented with idle-timeout set to 30 seconds for the LDAP databases, but this seemed to exacerbate the frequency of the errors. The behaviour exhibits as âdeadâ connections, and LDAP does not appear to attempt to re-establish these connections. Using the CentOS distro of OpenLDAPÂ2.4.23ÂHere are the slapd.conf settings:ÂdatabaseÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ ldapreadonlyÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ onsuffixÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ "dc=xyz,dc=local"#noundeffilterÂÂÂÂÂÂÂÂÂÂ yes#use-temporary-connÂÂÂÂÂ yesÂÂdatabaseÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ ldapreadonlyÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ onsuffixÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ "dc=abc,dc=adroot,dc=abc,dc=bc,dc=ca"#noundeffilterÂÂÂÂÂÂÂÂÂÂ yes#use-temporary-connÂÂÂÂÂ yesÂÂI have some rewrite rules for bindDN, searchEntryDN, searchAttrDN, matchedDN, but I donât believe these settings are relevant to the issue at hand.ÂEssentially I want the connections to be re-established without generating errors.ÂThanks____________________________________________