diff --git a/0001-dyndns-Add-checks-for-NULL.patch b/0001-dyndns-Add-checks-for-NULL.patch
new file mode 100644
index 0000000..120b854
--- /dev/null
+++ b/0001-dyndns-Add-checks-for-NULL.patch
@@ -0,0 +1,61 @@
+From 43e2cc0fdb715b89c13dac126ac8382ef0e756cc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>
+Date: Tue, 12 Jul 2016 12:11:18 +0200
+Subject: [PATCH] dyndns: Add checks for NULL
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes:
+https://fedorahosted.org/sssd/ticket/3076
+
+We segfaulted in this area once. This patch
+makes the code more defensive and adds
+some DEBUG messages.
+
+Normally the structures are filled in online
+and/or resolve callbacks.
+
+Reviewed-by: Pavel Březina <pbrezina@redhat.com>
+---
+ src/providers/ipa/ipa_dyndns.c | 20 ++++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+
+diff --git a/src/providers/ipa/ipa_dyndns.c b/src/providers/ipa/ipa_dyndns.c
+index 7217c61452e7ead2949a9f7d57b2f2fc58953af1..dc910770c771d4b7a7ee62d25be7c48e16c988a7 100644
+--- a/src/providers/ipa/ipa_dyndns.c
++++ b/src/providers/ipa/ipa_dyndns.c
+@@ -160,10 +160,30 @@ ipa_dyndns_update_send(struct ipa_options *ctx)
+     if (req == NULL) {
+         return NULL;
+     }
+     state->ipa_ctx = ctx;
+ 
++    /* The following three checks are here to prevent SEGFAULT
++     * from ticket #3076. */
++    if (ctx->service == NULL) {
++        DEBUG(SSSDBG_CRIT_FAILURE, "service structure not initialized\n");
++        ret = EINVAL;
++        goto done;
++    }
++
++    if (ctx->service->sdap == NULL) {
++        DEBUG(SSSDBG_CRIT_FAILURE, "sdap structure not initialized\n");
++        ret = EINVAL;
++        goto done;
++    }
++
++    if (ctx->service->sdap->uri == NULL) {
++        DEBUG(SSSDBG_CRIT_FAILURE, "LDAP uri not set\n");
++        ret = EINVAL;
++        goto done;
++    }
++
+     if (ctx->dyndns_ctx->last_refresh + 60 > time(NULL) ||
+         ctx->dyndns_ctx->timer_in_progress) {
+         DEBUG(SSSDBG_FUNC_DATA, "Last periodic update ran recently or timer "
+               "in progress, not scheduling another update\n");
+         tevent_req_done(req);
+-- 
+2.7.4
+
diff --git a/sssd.spec b/sssd.spec
index da6e694..0994859 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -25,7 +25,7 @@
 
 Name: sssd
 Version: 1.14.0
-Release: 4%{?dist}
+Release: 5%{?dist}
 Group: Applications/System
 Summary: System Security Services Daemon
 License: GPLv3+
@@ -35,6 +35,9 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 ### Patches ###
 
+# Band-aid for RHBZ #1366403
+Patch0001: 0001-dyndns-Add-checks-for-NULL.patch
+
 ### Dependencies ###
 
 Requires: sssd-common = %{version}-%{release}
@@ -1064,6 +1067,9 @@ fi
                                 %{_libdir}/%{name}/modules/libwbclient.so
 
 %changelog
+* Mon Aug 15 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.14.0-5
+- Add workaround patch for RHBZ #1366403
+
 * Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.14.0-4
 - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages