Now using NSS_LDAP for LDAP Client. /etc/ldap.conf is being controlled NSS_LDAP.
NSS_LDAP has reconnect policy, default policy is hard_open(alias hard).
It means ..
# Reconnect policy:
# hard_open: reconnect to DSA with exponential backoff if
# opening connection failed
# hard_init: reconnect to DSA with exponential backoff if
# initializing connection failed
# hard: alias for hard_open
# soft: return immediately on server failure
hard_open mode is reconnecting the ldap server is down or problem, again and again.
because the result that this situation looks same hang up the server, we can’t access it and takes a long time to access it.
account by ldap and root account, too.
soft mode is return immediately on server failure.
If LDAP server is down, return message immediately. “Permission denied, please try again.”
and we can access for root account immediately when LDAP is down.