Apache 2.4 LDAP 查找速度慢

伺服器運行 RHEL 7 和 Apache 2.4.6；這是一個相當新的（大約一周前）問題。我所在部門的 Intranet 使用大學 Active Directory 環境的身份驗證，最終使用者的身份驗證需要 30 秒以上。隨後的頁面加載幾乎是即時的，一段時間後（我認為超時），問題又回來了。

<Directory /var/www/html/intranet>
  AuthType Basic
  AuthName "Restricted files"
  AuthBasicProvider ldap
  AuthLDAPBindDN CN=dept-binder,OU=Generic-Logon,OU=Generic,DC=example,DC=edu
  AuthLDAPBindPassword lamepassword
  AuthLDAPURL ldaps://ldap-ad.example.edu:636/dc=example,dc=edu?sAMAccountName?sub

  <RequireAny>
    require ldap-group CN=ug-dept-intranet,OU=Deoartment,OU=Dept-Groups,DC=example,DC=edu
  </RequireAny>
</Directory>

以下是 error_log 中的一些相關行：

AH02034: Initial (No.1) HTTPS request received for child 36 (server dept.example.edu:443)
AH01626: authorization result of Require ldap-group CN=ug-psy-employees,OU=Dynamic,OU=Psychology,OU=FSU-Dept-Groups,DC=fsu,DC=edu: denied (no authenticated user yet)
AH01626: authorization result of Require ldap-group CN=ug-dept-intranet,OU=Dept,OU=Dept-Groups,DC=example,DC=edu: denied (no authenticated user yet)
AH01691: auth_ldap authenticate: using URL ldaps://ldap-ad.example.edu:636/dc=example,dc=edu?sAMAccountName?sub
AH02001: Connection closed to child 11 with standard shutdown (server dept.example.edu:443)

# 37 seconds pass

AH01697: auth_ldap authenticate: accepting jsmith
AH01713: auth_ldap authorize: require group: testing for group membership in "CN=ug-dept-intranet,OU=Department,OU=Dept-Groups,DC=example,DC=edu"
AH01714: auth_ldap authorize: require group: testing for member: CN=jsmith,OU=PEOPLE,DC=example,DC=edu (CN=ug-dept-intranet,OU=Department,OU=Dept-Groups,DC=example,DC=edu)
AH01715: auth_ldap authorize: require group: authorization successful (attribute member) [Comparison true (adding to cache)][6 - Compare True]