I migrated my jenkins from an old server with JDK 1.8 and jenkins 2.236 to a new server with JDK 17 and 2.504.3. Now I got LDAP login issue. If no one tries to login to jenkins, after a while, the login try will report login error. I checked log, the log shows LDAP read timeout:

"javax.naming.NamingException: LDAP response read timed out, timeout used: 60000 ms.; remaining name 'ou=employee'".  I have 2 ways to recover the login:

1. Restart jenkins
2. Just try a few times the failed login

I reminder this phenominon and I handled before. It was caused by the LDAP pool. Disabling the LDAP pool resolved this issue on my old jenkins server. I checked the setting in LDAP/Server/Advanced Server Configuration/Environment Properties, it was migrated correctly and still there. In config.xml too:

<jenkins.security.plugins.ldap.LDAPConfiguration>

    <extraEnvVars class="linked-hash-map">
          <entry>
            <string>com.sun.jndi.ldap.connect.pool</string>
            <string>false</string>
          </entry>

  </extraEnvVars>
</jenkins.security.plugins.ldap.LDAPConfiguration>

I don't know why it doesn't work any more. So I tried to set the time out settings: com.sun.jndi.ldap.connect.timeout and com.sun.jndi.ldap.read.timeout to 10 seconds from default 60 seconds. But when the login problem occurs, the log message still shows the time out is 60 seconds. So I believe the LDAP environment settings now don't take effective any more. Is there somthing changed this behavior with Jenkins or the LDAP plugin or JDK?