diff --git a/CHANGES b/CHANGES
index 96885ccd567c5be9304ce0fb99ab3f72e9d25a6c..63b4c20d31188d374d13d8a46f8f6e4f0250d124 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,7 @@ OpenLDAP 2.4.24 Engineering
 	Fixed slapd acl parsing overflow (ITS#6611)
 	Fixed slapd modify to return actual error (ITS#6581)
 	Fixed slapd-bdb entry cache delete failure (ITS#6577)
+	Fixed slapd-meta anon retry with failed auth method (ITS#6643)
 	Fixed slapd-null back-config support (ITS#6624)
 	Fixed slapo-pcache callback freeing (ITS#6640)
 	Fixed slapo-pcache to ignore undefined attrs (ITS#6600)
diff --git a/servers/slapd/back-meta/search.c b/servers/slapd/back-meta/search.c
index eaa0311729c2fa2e756592df23784401acd38157..068589d1ae4f68a78fb228070c3997983ce9783b 100644
--- a/servers/slapd/back-meta/search.c
+++ b/servers/slapd/back-meta/search.c
@@ -191,8 +191,13 @@ meta_search_dobind_init(
 			( mt->mt_idassert_flags & LDAP_BACK_AUTH_OVERRIDE ) ) )
 	{
 		rc = meta_back_proxy_authz_cred( mc, candidate, op, rs, LDAP_BACK_DONTSEND, &binddn, &cred, &method );
-		if ( rc != LDAP_SUCCESS ) {
+		switch ( rc ) {
+		case LDAP_SUCCESS:
+			break;
+		case LDAP_UNAVAILABLE:
 			goto down;
+		default:
+			goto other;
 		}
 
 		/* NOTE: we copy things here, even if bind didn't succeed yet,