// from the table usr_institution and not from the table user ...
// we don't need it here
$data = get_institutional_admin_search_results($params, $limit);
// map user's id to username for easy retrieving
$currentmembers = array();
foreach ($data['data'] as $datum) {
    $currentmembers[$datum['username']] = $datum['id'];
}
unset($data);
// save memory
if ($CFG->debug_ldap_groupes) {
    moodle_print_object("current members : " . count($currentmembers) . ' ', $currentmembers);
}
// it is unlikely that there is mre than one LDAP per institution
foreach ($auths as $auth) {
    $instance = new GAAuthLdap($auth->id);
    // override defaut contexts values for the auth plugin
    if ($onlycontexts) {
        $instance->set_config('contexts', $onlycontexts);
    }
    // OVERRRIDING searchsub contexts for this auth plugin
    if ($searchsub !== false) {
        $instance->set_config('search_sub', $searchsub ? 'yes' : 'no');
    }
    //testing code process nested groups
    // to enable it set CFG->ldap_process_nested_groups  to 1 in config.php
    //$instance->set_config('process_nested_groups',true);
    if ($CFG->debug_ldap_groupes) {
        moodle_print_object("config. LDAP : ", $instance->get_config());
    }
    $groups = $instance->ldap_get_grouplist();
// from the table usr_institution and not from the table user ...
// we don't need it here
$data = get_institutional_admin_search_results($params, $limit);
// map user's id to username for easy retrieving
$currentmembers = array();
foreach ($data['data'] as $datum) {
    $currentmembers[$datum['username']] = $datum['id'];
}
unset($data);
// save memory
if ($CFG->debug_ldap_groupes) {
    moodle_print_object("current members : " . count($currentmembers) . ' ', $currentmembers);
}
// it is unlikely that there is mre than one LDAP per institution
foreach ($auths as $auth) {
    $instance = new GAAuthLdap($auth->id);
    $instance->set_config('group_synching_ldap_attribute_attribute', $attributename);
    // override defaut contexts values for the auth plugin
    if ($onlycontexts) {
        $instance->set_config('contexts', $onlycontexts);
    }
    // OVERRRIDING searchsub contexts for this auth plugin
    if ($searchsub !== false) {
        $instance->set_config('search_sub', $searchsub ? 'yes' : 'no');
    }
    if ($CFG->debug_ldap_groupes) {
        moodle_print_object("config. LDAP : ", $instance->get_config());
    }
    // get the distinct values of the used attribute by a LDAP search
    // that may be restricted by flags -c or -o
    $groups = $instance->get_attribute_distinct_values();
    $USER->logout();
    // important
    cli::cli_exit($e->getMessage(), true);
}
$cli->cli_print('---------- started at ' . date('r', time()) . ' ----------');
$auths = auth_instance_get_matching_instances($institutionname);
if ($CFG->debug_ldap_groupes) {
    moodle_print_object("auths candidates : ", $auths);
}
if (count($auths) == 0) {
    $cli->cli_exit(get_string('cli_mahara_nomatchingauths', 'local.ldap'));
}
execute_sql('CREATE TEMPORARY TABLE extusers (extusername VARCHAR(64), PRIMARY KEY (extusername))', false);
// it is unlikely that there is mre than one LDAP per institution
foreach ($auths as $auth) {
    $instance = new GAAuthLdap($auth->id);
    // override defaut contexts values for the auth plugin
    if ($onlycontexts) {
        $instance->set_config('contexts', $onlycontexts);
    }
    // OVERRRIDING searchsub contexts for this auth plugin
    if ($searchsub !== false) {
        $instance->set_config('search_sub', $searchsub ? 'yes' : 'no');
    }
    $instanceconfig = $instance->get_config();
    if ($CFG->debug_ldap_groupes) {
        moodle_print_object("config. LDAP : ", $instanceconfig);
    }
    // fetch ldap users having the filter attribute on (caution maybe mutlivalued
    // do it on a scalable version by keeping the LDAP users names in a temporary table
    $nbldapusers = $instance->ldap_get_users_scalable('extusers', 'extusername', $extrafilterattribute);