This is ITS#2588, fixed in OpenLDAP 2.3. The fix is also in the version of OpenLDAP 2.2 packaged by Symas in our CDS products. Using vendor-supplied software instead of compiling your own is OK, as long as you choose the right vendor to supply the packages. ;)
Until it's marked "Stable" or someone says so at the very least, I can't buy into v2.3. This is for the college's enterprise directory, one of those do-or-die sorts of things...
Gee, that's exactly what I run. ;)
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html