modify-password

Used as an event notification from the PublicationShim to Identity Manager that an object password is modified in the application. When used as a notification, an <association> is required. Also used as a command from Identity Manager to the SubscriptionShim to modify an object password in the application. When used as a command, an <association> is required and is the unique key of the object to modify.

Remarks

When the target is eDirectory, and <old-password> is specified, the modifyPassword API is used to modify the password. If not specified, the GenerateKeyPair API is used. Using GenerateKeyPair might invalidate authentication credentials for any existing session authenticated as the target object.

When the target is the application, a driver might or might not implement this functionality, depending on the applicability to the application.

A response to <modify-password> should be a <status> indicating whether or not the <modify-password> is processed successfully.

Example

<modify-password class-name="User" src-dn="\Sam">
        <association>1012</association>
        <password>mypassword</password>
</modify-password>

Allowed Content

| Element | Description |
|---|---|
| association | Unique key of the application object. |
| old-password | The old authentication password. |
| password | The authentication password. |
| operation-data | The operation adds additional custom data. |

Attributes

| Attribute | Possible Values | Default Value |
|---|---|---|
| class-name | CDATA. The name of the base class of the object. The class name is mapped between the application and eDirectory namespaces by the Schema Mapping policy so that Identity Manager sees the name in the eDirectory namespace and a driver sees the name in the application namespace. Required when used as a notification. | #IMPLIED |
| dest-dn | CDATA. The distinguished name of the target object in the namespace of the receiver. | #IMPLIED |
| dest-entry-id | CDATA. The entry ID of the target object in the namespace of the receiver. Reserved. Should be ignored by the driver. | #IMPLIED |
| event-id | CDATA. An identifier used to tag the results of an event or command. | #IMPLIED |
| qualified-src-dn | CDATA. The qualified version of the src-dn. Only used for describing objects from eDirectory. | #IMPLIED |
| src-dn | CDATA. The distinguished name of the source object that generated the event in the namespace of the sender. | #IMPLIED |
| src-entry-id | CDATA. The entry ID of the source object that generated the event in the namespace of the sender. Reserved. Should be ignored by the driver. | #IMPLIED |
| timestamp | CDATA. Reserved. Should be ignored by the driver. | #IMPLIED |

Content Rule

( association ? , old-password ? , password , operation-data ? )
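
The content rule above and the <association> requirement from the description can be checked mechanically, for example in a test harness for a driver. The following Python is an added example, not part of the Identity Manager documentation or product code; the function name check_modify_password and the sample documents are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Content rule from the page: ( association ? , old-password ? , password , operation-data ? )
CONTENT_RULE = re.compile(r"^(association,)?(old-password,)?password,(operation-data,)?$")

def check_modify_password(xml_text):
    """Check one <modify-password> element; returns (errors, notes)."""
    elem = ET.fromstring(xml_text)
    errors, notes = [], []
    if elem.tag != "modify-password":
        return ["root element is <%s>, not <modify-password>" % elem.tag], notes
    # Serialize child order as "tag,tag," so the rule can be matched as a regex.
    order = "".join(child.tag + "," for child in elem)
    if not CONTENT_RULE.match(order):
        errors.append("child order [%s] violates the content rule" % order.rstrip(","))
    # The rule marks <association> optional, but the page requires it for
    # both the notification and the command use.
    if elem.find("association") is None:
        errors.append("<association> is missing")
    # Remarks: without <old-password>, an eDirectory target uses GenerateKeyPair,
    # which might invalidate credentials of existing sessions.
    if elem.find("old-password") is None:
        notes.append("no <old-password>: GenerateKeyPair path when the target is eDirectory")
    return errors, notes

# Constructed sample documents (values are placeholders, not real credentials).
SAMPLES = {
    "page example": '<modify-password class-name="User" src-dn="\\Sam">'
                    '<association>1012</association><password>mypassword</password>'
                    '</modify-password>',
    "with old password": '<modify-password class-name="User"><association>1012</association>'
                         '<old-password>old</old-password><password>new</password>'
                         '</modify-password>',
    "wrong order": '<modify-password><password>new</password>'
                   '<association>1012</association></modify-password>',
    "no association": '<modify-password><password>new</password></modify-password>',
}

if __name__ == "__main__":
    for name, doc in SAMPLES.items():
        print(name, check_modify_password(doc))
```

The notes list is informational: it marks documents that would take the GenerateKeyPair path described in the Remarks when the target is eDirectory.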

Parent Elements

| Element | Description |
|---|---|
| input | Input events or commands. |