The NotesDriverShim provides password-set capabilities through the modify-password command. When issuing the command on the Subscriber channel, the NotesDriverShim uses a shared native library to access the appropriate Lotus Notes APIs that allow for changing a password within a user.id file.
The shared native library that comes with the driver is named notesdrvjni. On the Windows platform, notesdrvjni.dll is placed in the Identity Manager binaries folder (c:\novell\nds) where the NotesDriverShim.jar can find it when the driver launches. On the AIX*, Linux, and Solaris* platforms, the notesdrvjni.so file is linked to the Notes/Domino execution directory.
If the NotesDriverShim initializes with the notesdrvjni shared library present, text similar to the following should show in a level 3 (or above) trace:
"NotesDriverShimLotusCAPIAccess: notesdrvjni (notesdrvjni.dll) successfully loaded."
If this text does not appear, or if you see a different message, the feature is automatically disabled within the NotesDriverShim.
Upon receiving the modify-password command, the NotesDriverShim attempts to modify the Notes user.id file passwords if the modify-password command has the following elements:
An old-password
A password element
A user-id-file="c:\Lotus\Domino\ids\people\JohnDoe.id" XML attribute as a custom parameter
This custom parameter is the same as that used for add commands, but in this case the specified filename is never used in conjunction with the user-id-path parameter because it is with an add command. If a full path is not specified, the NotesDriverShim directs the user.id file search to the default directory that the driver is using (the Notes/Domino data folder).
This user-id-file parameter can also be used to specify multiple ID files by separating the ID filenames with semicolons (";"). (such as user-id file="ids\people\JohnDoe.id;ids\people\johnnydoe.id;c:\Temp\jd.id".
ID files that require multiple passwords cannot be set by using this feature. However, it is possible to use this feature to change the password for a user.id file, a server.id file, or a cert.id file. Below is a general example of an XDS command setting a password for JohnDoe.id:
<input> <modify-password class-name="Person" event-id="pwd-subscribe" src-dn="\PWDSYNCTREE\sync\dom\unit\JohnDoe" src-entry-id="35952" user-id-file="c:\Lotus\Domino\ids\people\JohnDoe.id"> <association>D9628831A988381AC12570F9005BE6B3</association> <old-password>zyxwvut321</old-password> <password>abcdefg123</password> </modify-password> </input>
The NotesDriverShim must have appropriate read and write file system access to the specified user.id file. When a correct user-id-file="user.id" XML attribute and valid <old-password> and <password> elements are available to the modify-password command, this command then modifies an existing user.id file password, as well as the HTTPPassword within the NAB.
You can control whether the NotesDriverShim modifies the user.id password or the HTTPPassword by using the following driver parameters that you set within subscriber-options section of the driver configuration:
allow-http-password-set allow-userid-password-set
These subscriber-options parameters are Boolean and can be set to True or False, depending on the desired default behavior of the NotesDriverShim. They can also be used as override parameters when you set them as attributes to the <modify-password> element.
If you only want to modify the HTTPPassword, omit the user-id-file attribute from the XDS command, or apply the allow-userid-password-set="false" attribute. If you only want to modify the user.id password, then apply the allow-http-password-set="false" attribute.