When there are more than one authentication methods configured in the profile and 1st one fails to bind to the LDAP server, it falls back to 2nd one and so on.
But the 2nd try with the new authetication method does not reuse the existing connection and add a new connection after it binds the LDAP server sucessfully.
It adds a new connection for every search or enumeration and eventually opens too many connections in the same process.
e.g.
"tls:simple;simple" are defined.
tls:simple fails and it falls back to use simple.
After "get passwd" a couple of times and nscd does not return LDAP entries.
"pfiles $(pgrep nscd)" shows hundred of conenctions are open. But it is supposed to open one with port 389.