Novell Home

Upgrading from SecureLogin v3 to v3.5 for Lotus Notes

Novell Cool Solutions: Feature
By Peter Hine

Digg This - Slashdot This

Posted: 30 May 2007
 

Problem

I've looked around and not found much on upgrading from SecureLogin v3 to v3.5x for Lotus Notes.

For v3, the pronotes.dll was used for single sign-on, and the credentials were stored in the application "LotusNotes" and the variable is called after the user's name (eg: CN=Full Name/O=Organization). v3.5 and up store the credentials in the application "nlnotes.exe" and the variable is called Password. (I'm sure there was a script I found a long time ago, but I wasn't able to find a Google string to find it again.) The organization hasn't had a business reason to upgrade till now, so this is why this is being dealt with now.

Solution

I've added my own bits to the script supplied by Protocom some time ago. The full script is included, below but the extra bit I added deals with the password.

In my organization, people's Lotus Notes names are either "CN=Full Name/O=Organization" or "CN=Full Name/OU=State/O=Organization", so the script below will deal with these forms. It simply reads the user name from LotusNotes login box (short form name EG : Full Name/Organization), reformats it to the fully distinguished form, and looks up the old v3 password and assigns it to the Password variable. The location of the new piece is the correct location for this Protocom script. For your script, it will need to be placed before your equivalent of the line "Type $Password #280".

The line doing the real work here is the SubstVar line. It requires a variable as input with the form of "variable(Application)", so this script produces "CN=Full Name/O=Organization(LotusNotes)" as an example. This is what the StrCat lines are doing.

Partial Script

Here's a partial script for those that just want to see the change:

*************************************************************************
#===========================================================================
#         Start new section for Migration
# regards :
http://www.ndsengineers.com/securelogin/
411996-lotus-notes-migration-nsl-3-0-4-nsl-3-5-1-a.html 
# Info in link brought attention to SubstVar (which is not in the 3.5 doco 
# I have)
#===========================================================================
If -NotExist $Password

    #get user name from login box
  ReadText #224 ?Uname

    #split out the various compents
  RegSplit "(.*)/(.*)/(.*)" ?Uname ?name ?org1 ?org2

    #now decide if the user name is state based (3 parts) or stateless (2
parts)
  If ?org2 Eq "<NOTSET>"
     #redo split as the first one's results are invalid
    RegSplit "(.*)/(.*)" ?Uname ?name ?org1
    StrCat ?Uname "CN=" ?name "/O=" ?org1 "(LotusNotes)"
  Else
    StrCat ?Uname "CN=" ?name "/OU=" ?org1 "/O=" ?org2 "(LotusNotes)"
  Endif

  SubstVar $Password ?Uname

Endif
#===========================================================================
#         End new section for Migration
#===========================================================================
**********************************************************************

Full Script

**********************************************************************
#===========================================================================
# Application:    NLNOTES.EXE
# Description:    Lotus Notes R6.5
# Type:           Windows
#
# Written By:     Protocom Development Systems
# Last Updated:   02 FEB 2004
#===========================================================================

#===========================================================================
# Enforce Lotus Notes Password Policy
#===========================================================================
#RestrictVariable ?NewNotesPwd LotusNotesPwdPolicy

#===========================================================================
# Password change warning box has been found.
# Ask the user if they would like to change their password now.
# If yes, it will change, if no, it won't.
#===========================================================================
Dialog
   Title "Lotus Notes"
   Ctrl #65535  "WARNING: Your password will expire on (.*)"
EndDialog

Click #2
MessageBox "Your password for Lotus Notes will soon expire.  If you choose
Yes, next time you go to your Inbox, your password will be changed
automatically and remembered by SecureLogin.  If you choose No, this
message will be displayed everytime Notes starts." -YesNo ?Result

If ?Result Eq "Yes"
   Set ?PassChangeFlag "On"
EndIf

#===========================================================================
# Password expiry warning box has been found.
# So problems don't occur, force the password change.
#===========================================================================
Dialog
   Title "Lotus Notes"
   Ctrl #65535  "You must change your password. It expired on(.*)"
EndDialog

Click #2
MessageBox "Your Lotus Notes Password has expired!  For security and
operational reasons, next time you go to your Inbox, it will be changed
automatically and remembered by SecureLogin."
Set ?PassChangeFlag "On"

#===========================================================================
# This is the start of Lotus Notes and the workspace is now up and ready to
# accept the ALT keyboard commands.
#===========================================================================
Dialog
   Parent
      Class "NotesSubprog"
   EndParent
   Class "NotesLineView"
EndDialog

#===========================================================================
# If ?PassChangeFlag is "On", select File, Security, User Security, Set 
# Password.
#===========================================================================
If ?PassChangeFlag Eq "On"
   MessageBox "For security and operational reasons, Lotus Notes is about
to change your password.  Your password will be automatically updated for
you.   Click OK to clear this message and the process will begin.   It will
advise you when the password has been changed and you can then continue to
work as normal...."
   Delay 1000
   Type "\Alt+F"
   Type "Y"
   Type "S"
   Type "\Alt+P"
EndIf

#===========================================================================
# This is a Notes Error where the password selected cannot be re-used.
# We must reset the password prompt count so we don't save the wrong password
# when the password prompt box is redisplayed
#===========================================================================
Dialog
   Title "Lotus Notes"
   Ctrl #65535 "You have used this password before. Please choose a new
one"
EndDialog

ReadText #65535 ?Message
Click #2
MessageBox ?Message
Delay 100
Type -Raw "\ALT-P"

#===========================================================================
# This is a Notes Error where the password selected does not match the 
# server password policy.
# We must reset the password prompt count so we don't save the wrong password
# when the password prompt box is redisplayed
#===========================================================================
Dialog
   Title "Lotus Notes"
   Ctrl #65535 "The password you specified is not complex enough."
EndDialog

ReadText #65535 ?Message
Click #2
MessageBox ?Message
Delay 1000
ChangePassword ?NewNotesPwd
Type -Raw ?NewNotesPwd
Delay 300
Type -Raw "\T"
Delay 300
Type -Raw ?NewNotesPwd
Type -Raw "\N"

#===========================================================================
# The ChangePassword box has been displayed by the user or because of manual
# password invokation.
#===========================================================================
Dialog
   Title "Change Password"
   Ctrl #280
   Ctrl #283
   Ctrl #2185 "&Enter new password"
EndDialog

ChangePassword ?NewNotesPwd
Type  ?NewNotesPwd #280
Delay 50
Type  ?NewNotesPwd #283
Click #1

#===========================================================================
# On a successful password change message update the
# password variable
#===========================================================================
Dialog
   Title "Lotus Notes"
   Class #32770
   Ctrl #65535 "Your password change succeeded!"
EndDialog

Click #2
MessageBox "Password change successful.  SecureLogin will remember your
password for you."

#===========================================================================
# Record the newly set password and set the password change flag off
#===========================================================================
Set ?PassChangeFlag "Off"
Set $Password ?NewNotesPwd

#===========================================================================
#  Main Notes Password Prompt
#===========================================================================
Dialog
   Title "Lotus Notes"
   Class #32770
   Ctrl #280
   Ctrl #224
EndDialog

#===========================================================================
#Removed as storing the username has no value for us
#===========================================================================
#If -Exists $Username
#Else
#   ReadText #224 $Username
#   If $Username Eq ""
#      ReadText #218 $Username
#   EndIf
#EndIf

#===========================================================================
#         Start new section for Migration
# regards :
http://www.ndsengineers.com/securelogin/
411996-lotus-notes-migration-nsl-3-0-4-nsl-3-5-1-a.html 
#    Info in link brought attention to SubstVar (which is not in the 3.5
doco i have)
#===========================================================================
If -NotExist $Password

    #get user name from login box
  ReadText #224 ?Uname

    #split out the various compents
  RegSplit "(.*)/(.*)/(.*)" ?Uname ?name ?org1 ?org2

    #now decide if the user name is state based (3 parts) or stateless (2
parts)
  If ?org2 Eq ""
     #redo split as the first one's results are invalid
    RegSplit "(.*)/(.*)" ?Uname ?name ?org1
    StrCat ?Uname "CN=" ?name "/O=" ?org1 "(LotusNotes)"
  Else
    StrCat ?Uname "CN=" ?name "/OU=" ?org1 "/O=" ?org2 "(LotusNotes)"
  Endif

  SubstVar $Password ?Uname

Endif
#===========================================================================
#         End new section for Migration
#===========================================================================

SetPrompt "Please enter your Lotus Notes password ===>"
Type $Password #280
Click #1

SetPrompt "Please enter your correct Lotus Notes password."

#===========================================================================
# We have the wrong password in the database for this application.
#===========================================================================
Dialog
   Title "Lotus Notes"
   Ctrl #65535 "Wrong password(.*)"
EndDialog

#===========================================================================
# Clear wrong password error (Lotus Notes owned)
#===========================================================================
Click #1

DisplayVariables "The password stored in Single Sign-on does not match the
user password in the Notes ID file.  Please enter the correct Lotus Notes
password." $Password
SetPrompt "Notes Password:"
Type -Raw $Password
Type -Raw "\N"

#===========================================================================
#  Subroutine to handle cancelled password changes
#===========================================================================
Sub ClearPasswordChange
   MessageBox "You have cancelled the password change operation!  You will
have to set a new password in the near future or you may have problems
accessing the system."
   Type -Raw "\|27"
   ClearException ChangePasswordCancelled
   EndScript
EndSub
*****************************************************************************


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell