--On Wednesday, March 3, 2021 3:36 PM -0800 Rallavagu Kon rallavagu@gmail.com wrote:
Thanks for the response Howard. This is helpful. Upon further investigation, it appears that the application's keepalive left to libldap defaults and those defaults did not go well with ELB's default 60 seconds idle timeout. Some applications provide configuration for tuning ldap keepalive settings. However, wondering if there is an option to configure keepalive settings system wide (perhaps in /etc/ldap.conf?) for those applications that use libldap.
This is not possible with OpenLDAP 2.4 but will be part of OpenLDAP 2.5. However, it may take a few years for OpenLDAP 2.5's libldap to make it's way into widely deployed Linux distributions.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com