AD has an inactivity/idle default timeout of 900 seconds. I suspect you can 
google to find the setting name, and where it's stored, in your AD server(s).

Hope that helps.

- Matthew


On Dec 10, 2012, at 8:35 PM, Bryce Powell wrote:

> Having done some more research, it appears that Active Directory also has 
> some settings that could result in disconnected connections. I experimented 
> with idle-timeout set to 30 seconds for the LDAP databases, but this seemed 
> to exacerbate the frequency of the errors. The behaviour exhibits as ‘dead’ 
> connections, and LDAP does not appear to attempt to re-establish these 
> connections. Using the CentOS distro of OpenLDAP 2.4.23.
>  
> Here are the slapd.conf settings:
>  
> database                ldap
> readonly                on
> suffix                  "dc=xyz,dc=local"
> #noundeffilter           yes
> #use-temporary-conn      yes
> uri                     "ldap://IP1/ ldap://IP2/ ldap://3/ ldap://IPn/"
>  
>  
> database                ldap
> readonly                on
> suffix                  "dc=abc,dc=adroot,dc=abc,dc=bc,dc=ca"
> #noundeffilter           yes
> #use-temporary-conn      yes
> uri                     "ldap://IP11/ ldap://IP12/ ldap://13/ ldap://IP1n/"
>  
>  
> I have some rewrite rules for bindDN, searchEntryDN, searchAttrDN, matchedDN, 
> but I don’t believe these settings are relevant to the issue at hand.
>  
> Essentially I want the connections to be re-established without generating 
> errors.
>  
> Thanks
> ____________________________________________
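
Added example, not part of the thread or of OpenLDAP's own code: a small Python check that reads slapd.conf text, finds each `database ldap` section and compares its `idle-timeout` with the 900-second AD default quoted in the reply. The sample config, the third suffix and the unit-suffix time form are assumptions; the verdict is a plain numeric comparison, not a recommended value.

```python
import re

AD_IDLE_LIMIT = 900  # seconds; the AD default quoted in the reply
UNITS = {"d": 86400, "h": 3600, "m": 60, "s": 1}

def parse_time(value):
    """'600' or '1h30m' -> seconds (the unit-suffix form is an assumption)."""
    if value.isdigit():
        return int(value)
    if not re.fullmatch(r"(\d+[dhms])+", value):
        raise ValueError(f"bad time value: {value!r}")
    return sum(int(n) * UNITS[u] for n, u in re.findall(r"(\d+)([dhms])", value))

def ldap_databases(conf_text):
    """Yield {directive: argument} per 'database ldap' section (continuation lines not joined)."""
    current = None
    for raw in conf_text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # blank line or comment
        key, arg = (raw.split(None, 1) + [""])[:2]
        if key.lower() == "database":
            if current is not None:
                yield current
            current = {} if arg.strip().lower() == "ldap" else None
        elif current is not None:
            current[key.lower()] = arg.strip().strip('"')
    if current is not None:
        yield current

def audit(conf_text, limit=AD_IDLE_LIMIT):
    """Return (suffix, idle_seconds, verdict) for each back-ldap database."""
    report = []
    for db in ldap_databases(conf_text):
        idle = parse_time(db["idle-timeout"]) if "idle-timeout" in db else None
        verdict = "unset" if idle is None else "below-limit" if idle < limit else "not-below-limit"
        report.append((db.get("suffix"), idle, verdict))
    return report

# Constructed sample: suffixes from the post plus one made-up database.
SAMPLE = """\
database ldap
suffix "dc=xyz,dc=local"
database ldap
suffix "dc=abc,dc=adroot,dc=abc,dc=bc,dc=ca"
idle-timeout 30
database ldap
suffix "dc=example,dc=test"
idle-timeout 15m
"""
print(audit(SAMPLE))
```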
