----
been there, done that...

add to bottom of /etc/ldap.conf

timelimit 30
bind_timelimit 30
bind_policy soft
nss_initgroups_ignoreusers root,ldap

Craig