diff --git a/net/openldap26-server/Makefile b/net/openldap26-server/Makefile
index 24c18a9f55a6..5322c852788d 100644
--- a/net/openldap26-server/Makefile
+++ b/net/openldap26-server/Makefile
@@ -1,5 +1,6 @@
 PORTNAME=		openldap
 DISTVERSION=		2.6.12
+PORTREVISION=		1
 CATEGORIES=		net databases
 MASTER_SITES=		https://www.openldap.org/software/download/OpenLDAP/%SUBDIR%/ \
 			http://gpl.savoirfairelinux.net/pub/mirrors/openldap/%SUBDIR%/ \
@@ -89,8 +90,9 @@ OPTIONS_GROUP_OVLYS+=	HOMEDIR
 OPTIONS_GROUP_OVLYS+=	LASTBIND
 OPTIONS_GROUP_OVLYS+=	LASTMOD
 OPTIONS_GROUP_OVLYS+=	MEMBEROF
-OPTIONS_GROUP_OVLYS+=	NOPS
 OPTIONS_GROUP_OVLYS+=	NESTGROUP
+OPTIONS_GROUP_OVLYS+=	NOPS
+OPTIONS_GROUP_OVLYS+=	NSSOV
 OPTIONS_GROUP_OVLYS+=	OTP
 OPTIONS_GROUP_OVLYS+=	PROXYCACHE
 OPTIONS_GROUP_OVLYS+=	PPOLICY
@@ -155,6 +157,7 @@ HOMEDIR_DESC=		With Home Directory Management overlay
 MEMBEROF_DESC=		With Reverse Group Membership overlay
 NESTGROUP_DESC=		With nestgroup overlay
 NOPS_DESC=		With nops overlay
+NSSOV_DESC=		With NSS/PAM overlay [baked in nslcd(8)]
 OTP_DESC=		With OTP 2-factor authentication overlay
 PPOLICY_DESC=		With Password Policy overlay
 PROXYCACHE_DESC=	With Proxy Cache overlay
@@ -206,6 +209,7 @@ LLOADD_LIB_DEPENDS=		libevent.so:devel/libevent
 MDB_CONFIGURE_ENABLE=		mdb=yes
 MEMBEROF_CONFIGURE_ENABLE=	memberof=mod
 NESTGROUP_CONFIGURE_ENABLE=	nestgroup=mod
+NSSOV_CONFIGURE_ENABLE=		nssov=mod
 OTP_CONFIGURE_ENABLE=		otp=mod
 PASSWD_CONFIGURE_ENABLE=	passwd=mod
 PERL_CONFIGURE_ENABLE=		perl=mod
@@ -259,11 +263,15 @@ USE_LDCONFIG=		yes
 OPENLDAP_PORTREVISION=	${PORTREVISION_SERVER}
 OPENLDAP_PKGFILESUFX=
 
+NSLCD_VARDIR!=		${MAKE} -C ../nss-pam-ldapd -V NSLCD_VARDIR
+NSLCD_SOCKET!=		${MAKE} -C ../nss-pam-ldapd -V NSLCD_SOCKET
+
 LIB_DEPENDS+=		libicudata.so:devel/icu \
 			libldap.so:net/openldap26-client \
 			libltdl.so:devel/libltdl
 
 SUB_LIST+=		RC_DIR=${PREFIX} \
+			NSLCD_VARDIR=${NSLCD_VARDIR} \
 			LDAP_RUN_DIR=${LDAP_RUN_DIR} \
 			DATABASEDIR=${DATABASEDIR}
 
@@ -365,6 +373,10 @@ CONTRIB_CLEANFILES+=	lastmod.a
 CONTRIB_MODULES+=	slapd-modules/nops
 CONTRIB_CLEANFILES+=	nops.a
 .endif
+.if ${PORT_OPTIONS:MNSSOV}
+CONTRIB_MODULES+=	slapd-modules/nssov
+CONTRIB_CLEANFILES+=	nssov.a
+.endif
 .if ${PORT_OPTIONS:MTRACE}
 CONTRIB_MODULES+=	slapd-modules/trace
 CONTRIB_CLEANFILES+=	trace.a
@@ -387,10 +399,16 @@ post-patch:
 		${SED_MODULES} ${WRKSRC}/servers/slapd/slapd.conf
 	@${REINPLACE_CMD} -e 's|%LOCALSTATEDIR%/run/|${LDAP_RUN_DIR}/|g' \
 		${SED_MODULES} ${WRKSRC}/servers/slapd/slapd.ldif
-	@${REINPLACE_CMD} -e 's|^OPT =.*|OPT = ${CFLAGS}|g' \
-		-e 's|^CC =.*|CC = ${CC}|g' \
+	@${REINPLACE_CMD} -e 's|^OPT =.*|OPT = ${CFLAGS}|' \
+		-e 's|^CC =.*|CC = ${CC}|' \
 		${SED_MODULES} ${WRKSRC}/contrib/slapd-modules/*/Makefile \
 		${WRKSRC}/contrib/slapd-modules/*/*/Makefile
+	@${REINPLACE_CMD} -E \
+		-e 's|^(#define[[:space:]]+NSLCD_PATH).*|\1	"${NSLCD_VARDIR}"|' \
+		-e 's|^(#define[[:space:]]+NSLCD_SOCKET).*|\1	"${NSLCD_SOCKET}"|' \
+		${WRKSRC}/contrib/slapd-modules/nssov/nssov.h
+	@${REINPLACE_CMD} -e 's|0555|0755|' \
+		${WRKSRC}/contrib/slapd-modules/nssov/nssov.c
 .if defined(CONFIGURE_SED)
 	@${REINPLACE_CMD} -E ${CONFIGURE_SED} \
 		${CONFIGURE_WRKSRC}/${CONFIGURE_SCRIPT}
@@ -451,6 +469,9 @@ post-install:
 	${MKDIR} ${STAGEDIR}${PREFIX}/libexec/openldap
 .endif # defined(CLIENT_ONLY)
 
+post-install-NSSOV-on:
+	${INSTALL_DATA} ${WRKSRC}/contrib/slapd-modules/nssov/ldapns.schema ${STAGEDIR}${ETCDIR}/schema/ldapns.schema.sample
+
 post-install-SLAPI-on:
 	for library in slapi; do \
 		${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/lib$${library}.so.${OPENLDAP_SHLIB_MAJOR}; \
diff --git a/net/openldap26-server/files/slapd.in b/net/openldap26-server/files/slapd.in
index bdc2ad538a74..6fe9d5dcb5a5 100644
--- a/net/openldap26-server/files/slapd.in
+++ b/net/openldap26-server/files/slapd.in
@@ -42,6 +42,10 @@
 #
 #slapd_autobackup_name="backup"
 # Name to be used for backups
+#
+#slapd_nslcd="YES"
+# To install/chown %%NSLCD_VARDIR%% socket dir
+# for nssov overlay baked in nslcd(8)
 
 . /etc/rc.subr
 
@@ -58,6 +62,7 @@ if [ -n "${slapd_args+set}" ]; then
 fi
 : ${slapd_owner="%%LDAP_USER%%:%%LDAP_GROUP%%"}
 : ${slapd_sockets_mode="666"}
+: ${slapd_nslcd="NO"}
 : ${slapd_cn_config="NO"}
 : ${slapd_autobackup_enable="YES"}
 : ${slapd_autobackup_num="8"}
@@ -113,6 +118,9 @@ start_precmd()
     slapd_ownername="${slapd_owner%:*}"
     slapd_groupname="${slapd_owner#*:}"
 
+    if checkyesno slapd_nslcd; then
+        install -o $slapd_ownername -g $slapd_groupname -m 0755 -d %%NSLCD_VARDIR%%
+    fi
     if [ -n "$slapd_ownername" ]; then
       rc_flags="$rc_flags -u $slapd_ownername"
     fi
diff --git a/net/openldap26-server/pkg-plist b/net/openldap26-server/pkg-plist
index 9798d579b5eb..48959d11a14b 100644
--- a/net/openldap26-server/pkg-plist
+++ b/net/openldap26-server/pkg-plist
@@ -138,6 +138,12 @@
 %%NOPS%%libexec/openldap/nops.so.0
 %%NOPS%%libexec/openldap/nops.so.0.0.0
 %%NOPS%%share/man/man5/slapo-nops.5.gz
+%%NSSOV%%@sample %%ETCDIR%%/schema/ldapns.schema.sample
+%%NSSOV%%libexec/openldap/nssov.la
+%%NSSOV%%libexec/openldap/nssov.so
+%%NSSOV%%libexec/openldap/nssov.so.0
+%%NSSOV%%libexec/openldap/nssov.so.0.0.0
+%%NSSOV%%share/man/man5/slapo-nssov.5.gz
 %%OTP%%libexec/openldap/otp.so.%%SHLIB_MAJOR%%
 %%OTP%%libexec/openldap/otp.so.%%SHLIB_MAJOR%%.%%SHLIB_MINOR%%
 %%OTP%%libexec/openldap/otp.la