diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c
index 20a905998ba39acd5f64f3c94fc6302f30bb78c9..f9a93a030303ac629e02034add1322db8bb941ef 100644
--- a/clients/tools/ldapdelete.c
+++ b/clients/tools/ldapdelete.c
@@ -38,7 +38,7 @@ main( int argc, char **argv )
     not = verbose = contoper = want_bindpw = debug = 0;
     fp = NULL;
     authmethod = LDAP_AUTH_SIMPLE;
-	version = LDAP_VERSION2;
+	version = -1;
 
     while (( i = getopt( argc, argv, "WnvkKch:P:p:D:w:d:f:" )) != EOF ) {
 	switch( i ) {
@@ -131,7 +131,9 @@ main( int argc, char **argv )
 	if (want_bindpw)
 		passwd = getpass("Enter LDAP Password: ");
 
-	ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
+	if( version != -1 ) {
+		ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
+	}
 
     if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
 	ldap_perror( ld, "ldap_bind" );
diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c
index 224502cb3cf77daee555e1806e654dd5326ca0e0..6e055ac389c4a3cdd4b306f89bcf4ce0c2707a30 100644
--- a/clients/tools/ldapmodify.c
+++ b/clients/tools/ldapmodify.c
@@ -81,7 +81,7 @@ main( int argc, char **argv )
     infile = NULL;
     not = verbose = valsfromfiles = want_bindpw = debug = 0;
     authmethod = LDAP_AUTH_SIMPLE;
-	version = LDAP_VERSION2;
+	version = -1;
 
     while (( i = getopt( argc, argv, "WFabckKnrtvh:p:D:w:d:f:" )) != EOF ) {
 	switch( i ) {
@@ -193,7 +193,9 @@ main( int argc, char **argv )
 	if (want_bindpw)
 		passwd = getpass("Enter LDAP Password: ");
 
-	ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
+	if( version != -1 ) {
+		ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
+	}
 
 	if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
 	    ldap_perror( ld, "ldap_bind" );
diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c
index f35ddb4773aa7654731758014303f0de48ff5655..05a4df902fe49aa5815937f0e84b31c7a3bb3050 100644
--- a/clients/tools/ldapmodrdn.c
+++ b/clients/tools/ldapmodrdn.c
@@ -40,7 +40,7 @@ main(int argc, char **argv)
     infile = NULL;
     not = contoper = verbose = remove = want_bindpw = debug = 0;
     authmethod = LDAP_AUTH_SIMPLE;
-	version = LDAP_VERSION2;
+	version = -1;
 
     myname = (myname = strrchr(argv[0], '/')) == NULL ? argv[0] : ++myname;
 
@@ -155,7 +155,9 @@ main(int argc, char **argv)
 	if (want_bindpw)
 		passwd = getpass("Enter LDAP Password: ");
 
-	ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
+	if( version != -1) {
+		ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
+	}
 
     if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
 	ldap_perror( ld, "ldap_bind" );
diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c
index 672710e8335d0f42be826c45d2af0feb8fc4af31..03d2fccb464e16ce1d90ea381bf285ee101ecbb6 100644
--- a/clients/tools/ldappasswd.c
+++ b/clients/tools/ldappasswd.c
@@ -360,10 +360,10 @@ main (int argc, char *argv[])
 	int		i, j;
 	int		ldapport = 0;
 	int		debug = 0;
-	int		scope = LDAP_SCOPE_SUBTREE;
-	int		sizelimit = LDAP_NO_LIMIT;
-	int		timelimit = LDAP_NO_LIMIT;
-	int		version = LDAP_VERSION2;
+	int		scope = -1;
+	int		sizelimit = -1;
+	int		timelimit = -1;
+	int		version = -1;
 	int		want_bindpw = 0;
 	int		want_newpw = 0;
 	LDAP	       *ld;
@@ -559,8 +559,12 @@ main (int argc, char *argv[])
 	}
 
 	/* set options */
-	ldap_set_option (ld, LDAP_OPT_TIMELIMIT, (void *)&timelimit);
-	ldap_set_option (ld, LDAP_OPT_SIZELIMIT, (void *)&sizelimit);
+	if( timelimit != -1 ) {
+		ldap_set_option (ld, LDAP_OPT_TIMELIMIT, (void *)&timelimit);
+	}
+	if( sizelimit != -1 ) {
+		ldap_set_option (ld, LDAP_OPT_SIZELIMIT, (void *)&sizelimit);
+	}
 
 	/* this seems prudent */
 	{
@@ -568,7 +572,9 @@ main (int argc, char *argv[])
 		ldap_set_option( ld, LDAP_OPT_DEREF, &deref);
 	}
 
-	ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
+	if( version != -1 ) {
+		ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
+	}
 
 	/* authenticate to server */
 	if (ldap_bind_s (ld, binddn, bindpw, authmethod) != LDAP_SUCCESS)
diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c
index a22c208109cba2c9edc7f8e36016028543dc9516..254cc59e98350559c638f3a0b1ed0fdb7fe8c6b6 100644
--- a/clients/tools/ldapsearch.c
+++ b/clients/tools/ldapsearch.c
@@ -93,13 +93,13 @@ main( int argc, char **argv )
     LDAP		*ld;
 
     infile = NULL;
-    deref = verbose = allow_binary = not = vals2tmp =
+    debug = verbose = allow_binary = not = vals2tmp =
 	    attrsonly = ldif = want_bindpw = 0;
-    referrals = (int) LDAP_OPT_ON;
-    sizelimit = timelimit = debug = 0;
-    scope = LDAP_SCOPE_SUBTREE;
+
+	deref = referrals = sizelimit = timelimit =
+    	scope = version = -1;
+
     authmethod = LDAP_AUTH_SIMPLE;
-	version = LDAP_VERSION2;
 
     while (( i = getopt( argc, argv, "WKknuvtRABLD:s:f:h:b:d:P:p:F:a:w:l:z:S:")) != EOF ) {
 	switch( i ) {
@@ -268,20 +268,30 @@ main( int argc, char **argv )
 	exit( 1 );
     }
 
-	if (ldap_set_option( ld, LDAP_OPT_DEREF, (void *) &deref ) == -1 ) {
+	if (deref != -1 &&
+		ldap_set_option( ld, LDAP_OPT_DEREF, (void *) &deref ) == -1 )
+	{
 		/* set option error */
 	}
-	if (ldap_set_option( ld, LDAP_OPT_TIMELIMIT, (void *) &timelimit ) == -1 ) {
+	if (timelimit != -1 &&
+		ldap_set_option( ld, LDAP_OPT_TIMELIMIT, (void *) &timelimit ) == -1 )
+	{
 		/* set option error */
 	}
-	if (ldap_set_option( ld, LDAP_OPT_SIZELIMIT, (void *) &sizelimit ) == -1 ) {
+	if (sizelimit != -1 &&
+		ldap_set_option( ld, LDAP_OPT_SIZELIMIT, (void *) &sizelimit ) == -1 )
+	{
 		/* set option error */
 	}
-	if (ldap_set_option( ld, LDAP_OPT_REFERRALS, (void *) referrals ) == -1 ) {
+	if (referrals != -1 &&
+		ldap_set_option( ld, LDAP_OPT_REFERRALS, (void *) referrals ) == -1 )
+	{
 		/* set option error */
 	}
 
-	if (ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) == -1) {
+	if (version != -1 &&
+		ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) == -1)
+	{
 		/* set option error */
 	}