3.7.14. HoldServerConnection Previous topic Parent topic Child topic Next topic

By default the LDAP clauses, except<AuthBy LDAPRADIUS>, disconnect from the LDAP server after each authentication. This is because not all LDAP servers permit multiple searches from the same LDAP connection. HoldServerConnection forces holding the connection to the LDAP server up for as long as possible. It is an optional parameter and available for <AuthBy LDAP> and <AuthBy LDAPDIGIPASS>.
Most of the LDAP servers support this behaviour and it can significantly improve performance, especially where UseTLS or UseSSL is enabled. If you enable this parameter and get unwanted behaviour, you are probably using an unsupported LDAP server. In this case, remove this parameter.
Here is an example of using HoldServerConnection:
# Our server supports multiple searches