The LDAP Sync script takes care that Moodle accounts are up-to-date. In the event that a LDAP user disappears in the LDAP server, the script can be configured to suspend or delete the corresponding Moodle account.
This all-or-nothing solution does not fit all scenarios.
It may happen that a LDAP user disappears one day (for example, because the student has been exmatriculated because he didn't pay his study fee) and re-appears some days later (because he eventually payed this fee).
If I configure the script to delete users, the Moodle account is lost already when the LDAP user re-appears.
If I configure the script to suspend users, the Moodle account can be revived, but in most of the cases I end up with suspended Moodle accounts which will never be used again.
I propose to add another option to the LDAP script which suspends users which have disappeared in LDAP for a configurable amount of days and deletes them only after this grace period.