Originally reported on sakai-dev: http://article.gmane.org/gmane.comp.cms.sakai.devel/20338. This refers specifically to the JLDAPDirectoryProvider.
I'm not certain of exactly how this occurs, but when BaseUserDirectoryService is operating in case-insensitive mode (the default), but the UDP sets mixed-case EIDs on UserEdits, end-users can still log in and interact with Sakai (join worksites, etc), but their SAKAI_USER_ID_MAP record is effectively orphaned such that subsequent logins result in the creation of a new (transient!) user identity (and the loss of worksite memberships etc.)
1) Log in as "userX" where the LDAP host will match a mixed case variant, e.g. "UserX"
2) Observe the creation of a corresponding record in SAKAI_USER_ID_MAP where EID = 'UserX'
3) Observe the creation of a MyWorkspace record in SAKAI_SITE, but where SAKAI_SITE.USER_ID references a value not present in SAKAI_USER_ID_MAP.USER_ID
4) Join a worksite
5) Log out
6) Repeat step 1. Worksite membership will have gone missing and the effect described in step 3 will have been duplicated (i.e. there will now be two orphaned MyWorkspace sites and one orphaned SAKAI_USER_ID_MAP record.