I try to find out if it is possible to automate a import/blocked of the persons in SD 4.5 What I mean is that before to import the persons, comming from LDAP, all the persons already in SD will be set to Blocked so that at the import all this persons will set unblocked.
You could take any field that will be the same for all the employees from LDAP and set a field mapping for it.
For example, if all employees have a company of 'HP', you could set the import so that the company field from LDAP maps to the blocked field in the person record. You would then need to go into the blocked field on the import map and set a field level mapping so that the word 'HP' means that blocked is no.
Really, any field that is the same (or has slight variances that would be known) for all employees should be workable.
I would create temporary field named "last import date" and import date when import was last run. After that i would create database rule, which would blok person if last import date would be older than for example 3 days. That will work because all blocked persons dissapear from LDAP and you wont have the possibility to import new value for them
Every day at 4.30AM I export all persons in the company from LDAP. Thsi one will be convert to a XML file and will be imported in SD as well. But before todo this action I want to be sure that all the persons are blocked before todo the import. That means that the new import of the persons will be not only update the information of the persons but also to create the new one and all thsi persons (old/new) will be authomatically set to not blocked.
Possible solutions: 1. Create import from sd :) that is create import, which selects all persons from SD and imports value blocked - if you are familiar with SD database view's, you can easily select data from there 2. Use last xml file (which still has info about deleted person) and import blocked field from there (after import copy xml file to another location and create another import, which uses just xml and imports blocked field) 3. If you block everytime all persons and unblock later, you will loose import speed and flexibility - it will be difficult to know when person data was modified last time. Instead of that use sheduled database rule, which block person if it is not updated in one day (if there are alot persons sheduled rules could impact server performance) 4. Create sql, which updates all person data in database and sets blocked to true - dont recommend this way, because hp doesnt like when you alter db directly
I doubt that there are easyer ways to do what you want (of course manual "update all" works well too :) )
Be carefull with first setting persons to blocked and then expecting the data exchange to unlock them again in SD if they still exist in LDAP, because for some service packs the data exchange will create a new person even if there is a blocked person with a matching key. I would advise to use delta processing: 1. Extract all persons from SD to xml 2. Extract all persons from LDAP to xml 3. Use the -recofile option to compare and only import changes. 4. This will also result in an xml (.str extension) file containing all persons that are still in SD but not in LDAP. This file can be processed using java web API.