diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c index 63338b7e671798b14794d8867063b66be373c726..98884d4e43b7924c9385f852fc031d43e7742a02 100644 --- a/servers/slapd/bind.c +++ b/servers/slapd/bind.c @@ -231,6 +231,10 @@ do_bind( goto cleanup; } + /* Set the bindop for the benefit of in-directory SASL lookups */ + ldap_pvt_thread_mutex_lock( &conn->c_sasl_bindmutex ); + conn->c_sasl_bindop = op; + if ( method == LDAP_AUTH_SASL ) { slap_ssf_t ssf = 0; @@ -570,6 +574,9 @@ do_bind( } cleanup: + conn->c_sasl_bindop = NULL; + ldap_pvt_thread_mutex_unlock( &conn->c_sasl_bindmutex ); + if( pdn.bv_val != NULL ) { free( pdn.bv_val ); } diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index 7e99f261b2286d0c5bce5349c786992dd4c2f017..04cc49eaefa8608ff2313910057381029e470e82 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -139,6 +139,7 @@ int connections_destroy(void) ber_sockbuf_free( connections[i].c_sb ); ldap_pvt_thread_mutex_destroy( &connections[i].c_mutex ); ldap_pvt_thread_mutex_destroy( &connections[i].c_write_mutex ); + ldap_pvt_thread_mutex_destroy( &connections[i].c_sasl_bindmutex ); ldap_pvt_thread_cond_destroy( &connections[i].c_write_cv ); } } @@ -436,6 +437,7 @@ long connection_init( c->c_sasl_bind_mech.bv_len = 0; c->c_sasl_context = NULL; c->c_sasl_extra = NULL; + c->c_sasl_bindop = NULL; c->c_sb = ber_sockbuf_alloc( ); @@ -449,6 +451,7 @@ long connection_init( /* should check status of thread calls */ ldap_pvt_thread_mutex_init( &c->c_mutex ); ldap_pvt_thread_mutex_init( &c->c_write_mutex ); + ldap_pvt_thread_mutex_init( &c->c_sasl_bindmutex ); ldap_pvt_thread_cond_init( &c->c_write_cv ); c->c_struct_state = SLAP_C_UNUSED; @@ -470,6 +473,7 @@ long connection_init( assert( c->c_sasl_bind_mech.bv_val == NULL ); assert( c->c_sasl_context == NULL ); assert( c->c_sasl_extra == NULL ); + assert( c->c_sasl_bindop == NULL ); assert( c->c_currentber == NULL ); ber_str2bv( url, 0, 1, &c->c_listener_url ); 
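Review bot: The `cleanup:` label in the second bind.c hunk clears `c_sasl_bindop` and unlocks `c_sasl_bindmutex` unconditionally, but the first hunk takes the lock only after at least one earlier `goto cleanup;`, visible in the context just above the added lines. On that early-exit path the thread releases a mutex it never acquired, which is undefined behaviour if `ldap_pvt_thread_mutex` is backed by a default pthread mutex. If another thread is mid-bind on the same connection, this path could also drop that thread's lock and NULL the pointer its SASL lookups are about to dereference. Either acquire the lock before the first `goto cleanup;`, or set a local flag such as `bindop_locked = 1;` right after the lock and wrap the two cleanup lines in `if ( bindop_locked ) { ... }`. do_bind starts and ends outside both hunks, so any other jump to `cleanup:` that precedes the lock needs the same check.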
diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 6c7cd68e02bed51582c185f1b6bb1f9d43773623..2d9df14d59e59cc27905af9b8bbeeeafc01b1a13 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -607,6 +607,7 @@ slap_auxprop_lookup( op.o_callback = &cb; op.o_time = slap_get_time(); op.o_do_not_cache = 1; + op.o_threadctx = conn->c_sasl_bindop->o_threadctx; (*be->be_search)( be, conn, &op, NULL, &dn, LDAP_SCOPE_BASE, LDAP_DEREF_NEVER, 1, 0, @@ -731,6 +732,7 @@ slap_sasl_checkpass( op.o_callback = &cb; op.o_time = slap_get_time(); op.o_do_not_cache = 1; + op.o_threadctx = conn->c_sasl_bindop->o_threadctx; (*be->be_search)( be, conn, &op, NULL, &dn, LDAP_SCOPE_BASE, LDAP_DEREF_NEVER, 1, 0, diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index f9f53d85ec9147e8579e9ebbb1df61852b2c75a8..7a1dd7836e47c4b1eeb6f8adbb20e2229c6135c4 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -449,6 +449,7 @@ void slap_sasl2dn( Connection *conn, op.o_callback = &cb; op.o_time = slap_get_time(); op.o_do_not_cache = 1; + op.o_threadctx = conn->c_sasl_bindop->o_threadctx; (*be->be_search)( be, conn, &op, NULL, &dn, scope, LDAP_DEREF_NEVER, 1, 0, @@ -569,6 +570,7 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert op.o_callback = &cb; op.o_time = slap_get_time(); op.o_do_not_cache = 1; + op.o_threadctx = conn->c_sasl_bindop->o_threadctx; (*be->be_search)( be, conn, &op, /*base=*/NULL, &searchbase, scope, /*deref=*/1, /*sizelimit=*/0, /*time=*/0, filter, /*fstr=*/NULL, @@ -622,7 +624,7 @@ slap_sasl_check_authz( Connection *conn, assertDN->bv_val, ad->ad_cname.bv_val, searchDN->bv_val); #endif - rc = backend_attribute( NULL, NULL, NULL, NULL, searchDN, ad, &vals ); + rc = backend_attribute( NULL, NULL, conn->c_sasl_bindop, NULL, searchDN, ad, &vals ); if( rc != LDAP_SUCCESS ) goto COMPLETE; 
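Review bot: `conn->c_sasl_bindop->o_threadctx` is dereferenced without a NULL check in slap_auxprop_lookup, and the identical line is added in slap_sasl_checkpass, slap_sasl2dn and slap_sasl_match. The pointer is NULL whenever no bind is in progress, because connection_init sets it to NULL and do_bind's cleanup resets it. If any of these lookups is reachable outside do_bind (for example authorization-identity mapping during a non-bind request, which this diff does not show), a client request could crash slapd through a NULL dereference. Guard the read, e.g. `if ( conn->c_sasl_bindop != NULL ) op.o_threadctx = conn->c_sasl_bindop->o_threadctx;`, after confirming the local `op` is zero-initialised, or pass the calling operation in explicitly rather than going through the connection. The enclosing functions start and end outside the hunks.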
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 94f95bf11c56c317247e307f424af51d1865627a..96f7747cdc61507b7078e96ddab5161b98aae9c7 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -1618,6 +1618,8 @@ typedef struct slap_conn { int c_sasl_layers; /* true if we need to install SASL i/o handlers */ void *c_sasl_context; /* SASL session context */ void *c_sasl_extra; /* SASL session extra stuff */ + struct slap_op *c_sasl_bindop; /* set to current op if it's a bind */ + ldap_pvt_thread_mutex_t c_sasl_bindmutex; /* lock for bindop */ PagedResultsState c_pagedresults_state; /* paged result state */
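Review bot: The comment on `c_sasl_bindop` does not state the field's lifetime or locking rule, which the new readers in sasl.c and saslauthz.c depend on. Suggest `/* borrowed pointer to the bind op in progress, NULL otherwise; set and cleared by do_bind under c_sasl_bindmutex */`. For the mutex, suggest `/* held by do_bind while c_sasl_bindop is set */`. The struct definition continues outside the hunk.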