Hi, I am running an instance of Alfresco Community 3.4a and use the LDAP synchronization subsystem to pull users into Alfresco on a nightly basis. However recently the user account that is used to connect to the LDAP server temporarily lost its view privileges on certain properties such as UID (due to a misconfiguration issue on the LDAP-server side). Which caused the sync-job to not find any users during its nightly run, resulting in wiping out all imported users from my Alfresco instance. Naturally, I would like to shield my alfresco instance from such a meltdown in the future as much as possible.
So my question is - would it be possible to run the LDAP synchronization as scheduled job in "Differential" mode? Meaning that only create/update operations are applied but no users/groups get deleted from alfresco if the corresponding records are not found on the LDAP server.
The wiki documentation http://wiki.alfresco.com/wiki/The_Synchronization_Subsystem#Deletion_Behavior explains how user deletion applies to running a scheduled job in "differential with deletions" vs. "full mode", but doesn't give any info how to run such a job in "differential"-only mode or not. Is this even possible? If so, what configuration settings would have to be applied?
Any tips/pointers in the right direction will be much appreciated. Many thanks, - Stefan
