On Thu, Feb 27, 2025 at 03:15:06PM -0000, erikdewaard@gmail.com wrote:
Hi,
When bootstrapping consumers through replication (clean conf/data dir) receiving msgs about pwdPolicySubentry missing. Its not always the same: sometimes 4 msgs another time 60 etc.
I have this on various consumers 2.5.17/2.6.7 I thought this could be related to some ordering, maybe the accounts were created before ppolicy cn=noexpirepasswordpolicy data was replicated?
Hi Erik, yes, if you're bootstrapping a consumer, the entries might arrive in "random" order so user entries might be loaded before their policy has been. If the replica is exposed to clients during that time, you'll see this sort of message.
If this is something you do more often, it's better to have a semi-fresh DB copy to load on a new consumer and just let it catch up from there. Speeds up bootstrap times and is much more resource efficient that way. Or you can monitor when the consumer catches up with the rest of the deployment and don't advertise its existence until that's happened.
Regards,