diff --git a/CHANGES b/CHANGES
index aa3b752be736237cde637b481a3d33bedfecb0c4..55277649b87a3386e18961d49e1c6c3126553430 100644
--- a/CHANGES
+++ b/CHANGES
@@ -31,6 +31,7 @@ OpenLDAP 2.4.24 Engineering
 	Fixed slapd-ldap debug output of timeout (ITS#6721)
 	Fixed slapd-ldap DNSSRV referral chaining (ITS#6565)
 	Fixed slapd-ldap chaining with onelevel scope (ITS#6699)
+	Fixed slapd-ldap chaining with ppolicy (ITS#6540)
 	Fixed slapd-ldap with SASL/EXTERNAL (ITS#6642)
 	Fixed slapd-ndb to honor rootpw setting (ITS#6661)
 	Fixed slapd-meta anon retry with failed auth method (ITS#6643)
diff --git a/servers/slapd/back-ldap/chain.c b/servers/slapd/back-ldap/chain.c
index 9c23dbf9b17b677bd556df0f066b2635f20e68f0..c5f783034b392bcee613d57c1d1d2eddf267473a 100644
--- a/servers/slapd/back-ldap/chain.c
+++ b/servers/slapd/back-ldap/chain.c
@@ -1262,6 +1262,7 @@ chain_ldadd( CfEntryInfo *p, Entry *e, ConfigArgs *ca )
 	assert( rc == LDAP_SUCCESS );
 
 	at = attr_find( e->e_attrs, ad );
+#if 0
 	if ( lc->lc_common_li == NULL && at != NULL ) {
 		/* FIXME: we should generate an empty default entry
 		 * if none is supplied */
@@ -1272,7 +1273,9 @@ chain_ldadd( CfEntryInfo *p, Entry *e, ConfigArgs *ca )
 		rc = LDAP_CONSTRAINT_VIOLATION;
 		goto done;
 
-	} else if ( lc->lc_common_li != NULL && at == NULL ) {
+	} else
+#endif
+	if ( lc->lc_common_li != NULL && at == NULL ) {
 		/* FIXME: we should generate an empty default entry
 		 * if none is supplied */
 		Debug( LDAP_DEBUG_ANY, "slapd-chain: "