ldap_do_free_request: Assertion `lr->lr_refcnt == 1'

Using apache2 authnz_ldap against Active Directory with require ldap-group (after auth_kerb authentication) crashes apache2 when serving any request with:

[Thu Mar 02 16:43:21.251455 2023] [mpm_prefork:notice] [pid 3809200] AH00163: Apache/2.4.52 (Ubuntu) mod_auth_kerb/5.4 OpenSSL/3.0.2 configured -- resuming normal operations
[Thu Mar 02 16:43:21.251503 2023] [core:notice] [pid 3809200] AH00094: Command line: '/usr/sbin/apache2'
apache2: ../../../../libraries/libldap/request.c:970: ldap_do_free_request: Assertion `lr->lr_refcnt == 1' failed.

This only happens with search base = ad root dsn and seems related to the extra search response items like the following to the user lookup query (traced with tshark), which are only returned when search base = ad root dsn.

Lightweight Directory Access Protocol
    LDAPMessage searchResRef(2)
        messageID: 2
        protocolOp: searchResRef (19)
            searchResRef: 1 item
                LDAPURL: ldap://DomainDnsZones.example.org/DC=DomainDnsZones,DC=example,DC=org
        [Response To: 8]
        [Time: 0.043273000 seconds]

Likely a bug related to openldap, so these are the ldap libs installed:
ii libldap-2.5-0:amd64 2.5.13+dfsg-0ubuntu0.22.04.1 amd64 OpenLDAP libraries
ii libldap-common 2.5.13+dfsg-0ubuntu0.22.04.1 all OpenLDAP common files for libraries

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: apache2 2.4.52-1ubuntu4.3
ProcVersionSignature: Ubuntu 5.19.0-32.33~22.04.1-generic 5.19.17
Uname: Linux 5.19.0-32-generic x86_64
ApportVersion: 2.20.11-0ubuntu82.3
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: LXQt
Date: Sat Mar 4 12:57:47 2023
SourcePackage: apache2
UpgradeStatus: Upgraded to jammy on 2022-07-09 (238 days ago)