Issue
The CQ instance opens a connection to your LDAP server when you change a user value and try to update the changes in LDAP.
Solution
Set isReadOnly to true in your user CSD. For example:
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE csd SYSTEM "cq:/system/resources/dtd/xmlcsd.dtd">
<csd name="ldapuser" base="user">
<hierarchy_driver name="LdapUserMapper" />
<container> <atom label="UserID" driver="ldap" indexinghint="exact"> <param name="attributename" value="uid"/>
</atom> <atom label="Password" isReadOnly="true" driver="ldap" indexinghint="ignore"
<param name="attributename" value="userPassword"/>
</atom>
<atom label="Fullname" isReadOnly="true" driver="ldap">
<param name="attributename" value="cn"/>
</atom> <atom label="EMail" isReadOnly="true" driver="ldap" >
<param name="attributename" value="mail"/>
</atom> <containerlist label="Groups" driver="ldap" base="user.Groups">
<atom label="GroupHandle" driver="ldap" isBinary="false" />
</containerlist>
</container>
</csd>
Additional information
Atoms, if not specified explicitly, are readable and writable.