Ther version of nss_ldap currently in RHEL4 has a number of more or less obscure problems and limits, that seem to be solved in RHEL5. Backporting seems to be a major issue as the changes are mixed with other changes, so that an attempt to extract atomic fixes already failed for 4.6. Some changes also might be dangerous if pulled out of context. It therefor seems to be the less risky approach to attempt a re-base to the version of nss_ldap we are maintaining in RHEL5. It does not bear the risk of ABI breakage as glibc enforces the ABI. Also on the configuration side there are only extension vs what we have in 4.6.
Apparently in nss_ldap v2.41 they added "nss_reconnect" options eg) nss_reconnect_maxtries, nss_reconnect_sleeptime, etc. These options would be helpful for ldap failover config on RHEL 4 WS. http://www.liquidx.net/blog/2006/04/03/nss_ldap-undocumented-nss_reconnect_tries/
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2008-0715.html