Having done some more research, it appears that Active Directory also has some settings that could result in disconnected connections. I experimented with idle-timeout set to 30 seconds for the LDAP databases, but this seemed to exacerbate the frequency of the errors. The behaviour exhibits as ‘dead’ connections, and LDAP does not appear to attempt to re-establish these connections. Using the CentOS distro of OpenLDAP 2.4.23
Here are the slapd.conf settings:
database ldap
readonly on
suffix "dc=xyz,dc=local"
#noundeffilter yes
#use-temporary-conn yes
database ldap
readonly on
suffix "dc=abc,dc=adroot,dc=abc,dc=bc,dc=ca"
#noundeffilter yes
#use-temporary-conn yes
I have some rewrite rules for bindDN, searchEntryDN, searchAttrDN, matchedDN, but I don’t believe these settings are relevant to the issue at hand.
Essentially I want the connections to be re-established without generating errors.
Thanks
____________________________________________