From 5ac54d28708a16b768a1e65ad6d38f97ff7eeb62 Mon Sep 17 00:00:00 2001
From: Ossi Salmi <osalmi@iki.fi>
Date: Fri, 27 Jun 2014 15:01:39 +0300
Subject: [PATCH] ldap: Add better timeouts than infinity to nslcd.conf

---
 ldap/templates/nslcd.conf.erb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ldap/templates/nslcd.conf.erb b/ldap/templates/nslcd.conf.erb
index ac5086d..eb2d67f 100644
--- a/ldap/templates/nslcd.conf.erb
+++ b/ldap/templates/nslcd.conf.erb
@@ -8,6 +8,11 @@ gid ldap
 uri <%= @ldap_uri %>
 base <%= @ldap_basedn %>
 
+# time out searches after 30 seconds
+timelimit 30
+# close idle connections after 10 minutes
+idle_timelimit 600
+
 <% if ['ad','activedirectory'].index(@mapping) -%>
 pagesize 1000
 filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*))