diff --git a/README.LDAP b/README.LDAP
index 6ad6333..13a3062 100644
--- a/README.LDAP
+++ b/README.LDAP
@@ -68,9 +68,13 @@ details anyway:
 
 - LDAPScheme is the scheme (aka protocol) to connect with to the LDAP server.
 It defaults to 'ldap'. To connect to a server listening on TLS port, set it
-to 'ldaps' (and change the port below).
+to 'ldaps' (and change the port below). To connect to a server listening on
+a Unix domain socket, set it to 'ldapi'
 
 - LDAPServer is the LDAP server name (hey!) . It defaults to 'localhost'.
+If the 'ldapi' scheme is in use, this field should be set to the
+*URL-encoded* path of the server socket. For example,
+'/var/run/ldap.sock' becomes '%2Fvar%2Frun%2Fldap.sock'.
 
 - LDAPPort is the connection port. It defaults to 389, the standard port.
 Port value should be changed for 'ldaps' connection (the TLS port for an
diff --git a/src/log_ldap.c b/src/log_ldap.c
index d777e24..5a15583 100644
--- a/src/log_ldap.c
+++ b/src/log_ldap.c
@@ -125,9 +125,17 @@ void pw_ldap_parse(const char * const file)
 if ((ldap_uri = malloc(sizeof_ldap_uri)) == NULL) {
 die_mem();
 }
- snprintf(ldap_uri, sizeof_ldap_uri, "%s%s%s%s%s%d",
- ldap_scheme, URI_SCHEME_SEPARATOR, URI_AUTHORITY_LEADER,
- ldap_host, URI_PORT_LEADER, port);
+
+ /* The "ldapi://" scheme uri cannot contain a port number*/
+ if (pure_strcmp(ldap_scheme, "ldapi") == 0) {
+ snprintf(ldap_uri, sizeof_ldap_uri, "%s%s%s%s",
+ ldap_scheme, URI_SCHEME_SEPARATOR, URI_AUTHORITY_LEADER,
+ ldap_host);
+ } else {
+ snprintf(ldap_uri, sizeof_ldap_uri, "%s%s%s%s%s%d",
+ ldap_scheme, URI_SCHEME_SEPARATOR, URI_AUTHORITY_LEADER,
+ ldap_host, URI_PORT_LEADER, port);
+ }
 }
 
 /* Default to auth method bind, but for backward compatibility, if a binddn
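Review bot: In the new `ldapi` branch of the src/log_ldap.c hunk, `ldap_host` is copied into the URI verbatim, so the socket path is only right if the administrator percent-encoded it as README.LDAP asks; nothing in the hunk checks that. An unencoded value such as `/var/run/ldap.sock` yields `ldapi:///var/run/ldap.sock`, where the authority is empty and the path is no longer the socket name, so the client library would presumably fall back to its default socket or reject the URI; the documented default of `localhost` for LDAPServer is not a socket path either. I would fail configuration parsing when the scheme is `ldapi` and `strchr(ldap_host, '/') != NULL` (or percent-encode the value here), and extend the comment to say that the authority of an `ldapi` URI is the encoded socket path. The scheme test is also case-sensitive, so whether a value like `LDAPI` reaches this branch depends on normalisation done outside the hunk; `pw_ldap_parse` starts and ends outside the visible lines.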