diff --git a/libraries/libldap/open.c b/libraries/libldap/open.c
index 8030790a942a9d3d5d26b768553376227b3c4740..1d2a7d62c62d17d91468b49cb4508fb29c58e0b8 100644
--- a/libraries/libldap/open.c
+++ b/libraries/libldap/open.c
@@ -353,6 +353,15 @@ ldap_int_open_connection(
 		ldap_int_sasl_open( ld, conn, sasl_host, sasl_ssf );
 		LDAP_FREE( sasl_host );
 	}
+	/* sasl_ssf is set redundantly. Should probably remove it from
+	 * the ldap_int_sasl_open call since the TLS ssf isn't known
+	 * yet anyway.
+	 */
+	if( proto == LDAP_PROTO_IPC ) {
+		char authid[64];
+		sprintf( authid, "uid=%d+gid=%d", geteuid(), getegid() );
+		ldap_int_sasl_external( ld, conn, authid, sasl_ssf );
+	}
 #endif
 
 #ifdef HAVE_TLS