Comment 3 for bug 237115

I would like to confirm this bug, or at least corroborate it. I am running a fresh install of debian lenny (testing) up-to-date as of Oct 15th 2008

dpkg -l |grep libnss

ii libnss-ldap 261-2 NSS module for using LDAP as a naming servic

Connecting to an Active Directory domain (w2k3 r2) yielded slow and spotty successful returns. with a lot of:

nss_ldap: reconnecting to LDAP server...
nss_ldap: reconnected to LDAP server ldap://<ad.server.fqdn> after 1 attempt
nss_ldap: reconnecting to LDAP server...
nss_ldap: reconnected to LDAP server ldap://<ad.server.fqdn> after 1 attempt

This would be logged by anything service trying to connect to LDAP (nscd, imapd, smtpd, etc...)
by changing:

nss_connect_policy persist

to

nss_connect_policy oneshot

no more errors and performance is now *much* better.