diff --git a/SOURCES/autofs-5.1.8-dont-immediately-call-function-when-waiting.patch b/SOURCES/autofs-5.1.8-dont-immediately-call-function-when-waiting.patch
new file mode 100644
index 0000000..55680b9
--- /dev/null
+++ b/SOURCES/autofs-5.1.8-dont-immediately-call-function-when-waiting.patch
@@ -0,0 +1,101 @@
+autofs-5.1.8 - dont immediately call function when waiting
+
+From: Ian Kent
+
+When autofs needs to wait for a sss connection the connection function
+is immediately called a second time without first waiting. Adjust the
+calling so that there's a wait before the next call.
+
+Signed-off-by: Ian Kent
+---
+ CHANGELOG | 1 +
+ modules/lookup_sss.c | 24 ++++++++++++------------
+ 2 files changed, 13 insertions(+), 12 deletions(-)
+
+--- autofs-5.1.4.orig/CHANGELOG
++++ autofs-5.1.4/CHANGELOG
+@@ -107,6 +107,7 @@
+ - fix incorrect path for is_mounted() in try_remount().
+ - fail on empty replicated host name.
+ - improve handling of ENOENT in sss setautomntent().
++- don't immediately call function when waiting.
+
+ xx/xx/2018 autofs-5.1.5
+ - fix flag file permission.
+--- autofs-5.1.4.orig/modules/lookup_sss.c
++++ autofs-5.1.4/modules/lookup_sss.c
+@@ -338,10 +338,13 @@ static int setautomntent_wait(unsigned i
+ "can't connect to sssd, retry for %d seconds",
+ retries);
+
+- while (++retry <= retries) {
++ while (++retry < retries) {
+ struct timespec t = { SSS_WAIT_INTERVAL, 0 };
+ struct timespec r;
+
++ while (nanosleep(&t, &r) == -1 && errno == EINTR)
++ memcpy(&t, &r, sizeof(struct timespec));
++
+ ret = ctxt->setautomntent(ctxt->mapname, sss_ctxt);
+ if (proto_version(ctxt) == 0) {
+ if (ret != ENOENT)
+@@ -355,9 +358,6 @@ static int setautomntent_wait(unsigned i
+ free(*sss_ctxt);
+ *sss_ctxt = NULL;
+ }
+-
+- while (nanosleep(&t, &r) == -1 && errno == EINTR)
+- memcpy(&t, &r, sizeof(struct timespec));
+ }
+
+ if (!ret)
+@@ -475,10 +475,13 @@ static int getautomntent_wait(unsigned i
+ "can't contact sssd to to get map entry, retry for %d seconds",
+ retries);
+
+- while (++retry <= retries) {
++ while (++retry < retries) {
+ struct timespec t = { SSS_WAIT_INTERVAL, 0 };
+ struct timespec r;
+
++ while (nanosleep(&t, &r) == -1 && errno == EINTR)
++ memcpy(&t, &r, sizeof(struct timespec));
++
+ ret = ctxt->getautomntent_r(key, value, sss_ctxt);
+ if (proto_version(ctxt) == 0) {
+ if (ret != ENOENT)
+@@ -487,9 +490,6 @@ static int getautomntent_wait(unsigned i
+ if (ret != EHOSTDOWN)
+ break;
+ }
+-
+- while (nanosleep(&t, &r) == -1 && errno == EINTR)
+- memcpy(&t, &r, sizeof(struct timespec));
+ }
+
+ if (!ret)
+@@ -600,10 +600,13 @@ static int getautomntbyname_wait(unsigne
+ "can't contact sssd to to lookup key value, retry for %d seconds",
+ retries);
+
+- while (++retry <= retries) {
++ while (++retry < retries) {
+ struct timespec t = { SSS_WAIT_INTERVAL, 0 };
+ struct timespec r;
+
++ while (nanosleep(&t, &r) == -1 && errno == EINTR)
++ memcpy(&t, &r, sizeof(struct timespec));
++
+ ret = ctxt->getautomntbyname_r(key, value, sss_ctxt);
+ if (proto_version(ctxt) == 0) {
+ if (ret != ENOENT)
+@@ -612,9 +615,6 @@ static int getautomntbyname_wait(unsigne
+ if (ret != EHOSTDOWN)
+ break;
+ }
+-
+- while (nanosleep(&t, &r) == -1 && errno == EINTR)
+- memcpy(&t, &r, sizeof(struct timespec));
+ }
+
+ if (!ret)
diff --git a/SOURCES/autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch b/SOURCES/autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch
new file mode 100644
index 0000000..1ef915e
--- /dev/null
+++ b/SOURCES/autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch
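Review bot: The loop bound in setautomntent_wait() goes from `++retry <= retries` to `++retry < retries`, and the same edit is repeated in getautomntent_wait() and getautomntbyname_wait(), but the description only mentions moving the sleep; each loop now makes one attempt fewer than before while the log line above it still prints `retries` unchanged. If the dropped attempt is meant to account for a call made before the loop (not visible in these hunks, so this is an assumption), a comment at the loop would record it, e.g. `/* one attempt was already made; wait before each further one */`. The relocated `nanosleep()` loop also treats any failure other than EINTR as a completed wait, so the next sssd call can be issued without the intended pause; checking the return value and logging it would keep the retry pacing observable. All three functions begin and end outside the hunks shown.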
@@ -0,0 +1,59 @@
+autofs-5.1.8 - improve handling of ENOENT in sss setautomntent()
+
+From: Ian Kent
+
+In the sss lookup module function setautomntent() a return of ENOENT
+isn't handled quite right.
+
+If ENOENT (rather than EHOSTDOWN) is returned from sss setautomntent()
+we should assume the LDAP info. has been read by sss and the entry in
+fact doesn't exist.
+
+Signed-off-by: Ian Kent
+---
+ CHANGELOG | 1 +
+ modules/lookup_sss.c | 16 +++++++++++++++-
+ 2 files changed, 16 insertions(+), 1 deletion(-)
+
+--- autofs-5.1.4.orig/CHANGELOG
++++ autofs-5.1.4/CHANGELOG
+@@ -106,6 +106,7 @@
+ - fix minus only option handling in concat_options().
+ - fix incorrect path for is_mounted() in try_remount().
+ - fail on empty replicated host name.
++- improve handling of ENOENT in sss setautomntent().
+
+ xx/xx/2018 autofs-5.1.5
+ - fix flag file permission.
+--- autofs-5.1.4.orig/modules/lookup_sss.c
++++ autofs-5.1.4/modules/lookup_sss.c
+@@ -394,7 +394,17 @@ static int setautomntent(unsigned int lo
+ if (ret != ENOENT)
+ goto error;
+ } else {
+- if (ret != ENOENT && ret != EHOSTDOWN)
++ /* If we get an ENOENT here assume it's accurrate
++ * and return the error.
++ */
++ if (ret == ENOENT) {
++ error(logopt, MODPREFIX
++ "setautomountent: entry for map %s not found",
++ ctxt->mapname);
++ err = NSS_STATUS_NOTFOUND;
++ goto free;
++ }
++ if (ret != EHOSTDOWN)
+ goto error;
+ }
+
+@@ -410,6 +420,10 @@ static int setautomntent(unsigned int lo
+ if (ret == EINVAL)
+ goto free;
+ if (ret == ENOENT) {
++ /* Map info. not found after host became available */
++ error(logopt, MODPREFIX
++ "setautomountent: entry for map %s not found",
++ ctxt->mapname);
+ err = NSS_STATUS_NOTFOUND;
+ goto free;
+ }
diff --git a/SPECS/autofs.spec b/SPECS/autofs.spec
index 9a80950..9332590 100644
--- a/SPECS/autofs.spec
+++ b/SPECS/autofs.spec
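Review bot: Both added log strings name the function as `setautomountent:` while the function being patched is `setautomntent()`, so anyone searching the logs for the function name will miss these entries; `"setautomntent: entry for map %s not found",` would match the code. The new block comment in the first lookup_sss.c hunk also misspells "accurate" (`assume it's accurrate`). The `error()` / `err = NSS_STATUS_NOTFOUND` / `goto free` sequence is now written out twice in the same function, so a single label or small helper for the not-found case would keep the two paths from drifting apart. setautomntent() starts and ends outside both hunks.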
@@ -8,7 +8,7 @@ Summary: A tool for automatically mounting and unmounting filesystems Name: autofs Version: 5.1.4 -Release: 92%{?dist} +Release: 93%{?dist} Epoch: 1 License: GPLv2+ Group: System Environment/Daemons @@ -278,6 +278,8 @@ Patch249: autofs-5.1.7-fix-concat_options-error-handling.patch Patch250: autofs-5.1.8-fix-minus-only-option-handling-in-concat_options.patch Patch251: autofs-5.1.8-fix-incorrect-path-for-is_mounted-in-try_remount.patch Patch252: autofs-5.1.8-fail-on-empty-replicated-host-name.patch +Patch253: autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch +Patch254: autofs-5.1.8-dont-immediately-call-function-when-waiting.patch %if %{with_systemd} BuildRequires: systemd-units @@ -597,6 +599,8 @@ echo %{version}-%{release} > .version %patch250 -p1 %patch251 -p1 %patch252 -p1 +%patch253 -p1 +%patch254 -p1 %build LDFLAGS=-Wl,-z,now @@ -692,6 +696,13 @@ fi %dir /etc/auto.master.d %changelog +* Wed Feb 08 2023 Ian Kent - 5.1.4-93 +- bz2165143 - Autofs reports can't connect to sssd, retry for 10 seconds when + real problem is empty LDAP object + - improve handling of ENOENT in sss setautomntent(). + - dont immediately call function when waiting. +- Resolves: rhbz#2165143 + * Tue Jan 24 2023 Ian Kent - 5.1.4-92 - bz2161336 - Users can trigger a simple autofs DoS with wildcard automounter maps - fail on empty trailing replicated host name.