Processing LDAP Import Requests

The LDAP import service calls the LDAP Import Adapter, which performs the following actions:

It reads the LDAP configuration information provided as XAI parameters to the request. Parameters include the Java Name Directory Interface (JNDI) server, user and password for the LDAP server, and the transaction type (e.g., import).
It connects to the LDAP store using a JNDI specification.
For each element (user or group) in the request, the LDAP is searched by applying the search filter (specified for the element) and the searchParm (specified in the request).
The adapter goes through each entry found in the search and verifies whether or not there is already an entry in the system and whether a user belongs to a user group. From this information, it automatically determines the action to be taken:
- Add
- Update
- Link user to group
- Unlink user from group (by setting the expiration date)
If the entry is a group, the adapter also imports all the users in LDAP that are linked to the group. If the entry is a user, the adapter imports the groups to which the user belongs in LDAP.
For each imported entity, the adapter creates an appropriate XML request and adds it to the XAI upload staging table. If, for example, the action is to add a user, it creates an XML request corresponding to the CDxXAIUserMaintenance service; and if the action is to add a group, it creates an XML request corresponding to the CDxXAIUserGroupMaintenance service.

The XML upload staging receiver processes the upload records in sequential order (based on the upload staging ID).

Note: No Second Order Import. If a user is imported because the name belongs to an imported group, the adapter does not import all the other groups to which the user belongs. If a group is imported because the imported user belongs to it, the adapter does not import all the other users that belong to the group.

Note: Long User and Group Names. Users and groups whose names exceed the length limit in the system are not synchronized.