4.4 Using Driver Parameters

To change driver parameters, edit the Driver Parameters page.

  1. In iManager, click Identity Manager > Identity Manager Overview.

  2. Find the driver in its driver set.

  3. Click the driver icon to display the Driver Overview page.

  4. Click the driver icon again to display the Modify Object page.

  5. Click Driver Configuration.

  6. Use the information in the sections that follow to upgrade driver parameters.

4.4.1 Driver Options

The first column of the following table contains the parameter name followed by its common description. The parameters are alphabetized according to the XML parameter name.

The third column of the following table contains XML text that you can paste into the Driver Parameters XML editor. The XML text represents exactly what is necessary to display the parameters. You can also place the information that you see under the Description heading within the < description> </ description> parameters.

Table 4-1 Driver Parameters

Parameter Name and Common Description

Description

XML to Define Driver Parameters

allow-document-locking

Allow Document Locking

Enables Notes database documents to be locked by the Notes Driver shim if they are being modified. This parameter is only valid in Lotus Notes 6.5 or higher, and if the Notes database has the Allow document locking checkbox selected.

< definition display-name="Allow Document Locking?" name="allow-document-locking" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

cert-id-file

Default Certifier ID file

The default Notes Certifier ID file that is used to register user objects in the Notes Address Book. The full path of the file should be represented with respect to the operating system hosting Domino.

< definition display-name="Default Certifier ID File" name="cert-id-file" type="string"> < description> </ description>

< value>c:\lotus654\domino\data\ids\people\ndriver.id</ value> </ definition>

cert-id-password

Default Certifier ID password

The default Notes Certifier ID file password that is used to register user objects in the Notes Address Book.

When using the type=“password-ref” attribute of this parameter, the password is encrypted and securely stored with the Driver Configuration. When securely stored in this fashion, the password can then be referenced by the Metadirectory engine or a driver using the key name specified. (In this example, defaultCertPwd.)

< definition display-name="Default Certifier Password" is-sensitive="true" name="cert-id-password" type="password-ref"> < description> </ description>

< value>defaultCertPwd</ value> </ definition>

directory-file

Directory File or Input Database

The filename of the database to be synchronized with the Identity Vault. Specify this item without full path information.

< definition display-name="Directory File" name="directory-file" type="string"> < description> </ description>

< value>names.nsf</ value> </ definition>

is-directory

Notes Address Book

Specify True if the input database (directory file) is a Notes Address book; otherwise, specify False.

< definition display-name="Notes Address Book?" name="is-directory" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

janitor-cleanup-interval

Janitor Cleanup Interval

Janitor cleanup checks for and releases resources that might have been orphaned by unfinished query-ex sequences. This interval determines how often to perform this service.

< definition display-name="Janitor Cleanup Interval (in minutes)" name="janitor-cleanup-interval" type="integer"> < description> </ description>

< value>30</ value> </ definition>

notes-domain

Notes Domain Name

The name of the Notes domain the driver is running against. It might be different from the Notes Organization name, and therefore can’t be derived from the server name.

< definition display-name="Notes Domain Name" name="notes-domain" type="string"> <description> </description>

< value>PROVO1</ value> </ definition>

server-id-file

Server ID File (deprecated)

The Notes Server ID file associated with the Notes Server this driver authenticates to (This is optional). The full path of the file should be represented with respect to the operating system hosting Domino. This ID file need not be the server ID file. It can actually be an ID file that has no password (and need not have any access anywhere).

< definition display-name="Domino Server ID File" name="server-id-file" type="string"> < description> </ description>

< value>c:\lotus654\domino\data\server.id</ value> </ definition>

update-file

Update File or ndsrep polling cache

The filename of the database used to cache database changes that need to be published to the Identity Vault. The default is ndsrep.nsf. Specify this item without full path information.

The Driver's Domino add-in process ndsrep creates this database. Within this database, filtered updates are cached before being consumed by the Notes Driver's publisher.

< definition display-name="Update File" name="update-file" type="string"> < description> </ description>

< value>ndsrep.nsf</ value> </ definition>

user-id-file

Notes User ID file

The Notes User ID file associated with the Notes User this driver represents (this is required). The full path of the file should be represented with respect to the operating system hosting Domino. The password associated with this user ID file is input in the following user interface section: Driver Configuration > Authentication > Specify the application password.

< definition display-name="Notes Driver User ID File" name="user-id-file" type="string"> < description> </ description>

< value>c:\lotus654\domino\data\ids\people\ndriver.id</ value> </ definition>

4.4.2 Subscriber Options

The first column of the following table contains the parameter name followed by its common description. The parameters are alphabetized according to the XML parameter name.

The third column of the following table contains XML text that you can paste into the Driver Parameters XML Editor. The XML text represents exactly what is necessary to display the parameters. You can also place the information that you see under the Description heading within the < description> </ description> parameters.

NOTE:Some parameters have values that are listed in second (Description) column. These parameters contain values such as Success, Warning, Error, Retry, or Fatal. The proper XML text for such parameters can be found in the file drvparamdefs.xml.

Table 4-2 Subscriber Channel Parameters

Parameter Name and Common Description

Description

XML to Define Driver Parameters

allow-adminp-support

Allow Domino AdminP Support

Specifies that AdminP features can be used. AdminP features are supported only for users of Lotus Notes 6.0.3 or later.

If you have Lotus Notes 6.0.3 or later and you want to use the AdminP features, you must add this parameter and set it to True.

If the parameter does not exist in the driver parameters, the default setting is False.

This parameter can be overridden on a command-by-command basis by using the attribute Allow AdminP Support described in Table 4-4.

< definition display-name="Allow Domino AdminP Support" name="allow-adminp-support" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

allow-http-password-set

Allow Notes Web (HTTP) Password Set

Set the parameter to True to allow the Notes driver to set or to change the Web (HTTP) password attribute on user objects. Set the parameter to False to disallow the Notes driver from setting or changing the web (HTTP) password attribute on user objects. The default setting is True.

< definition display-name="Allow Notes Web (HTTP) Password Set" name="allow-http-password-set" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

allow-userid-password-set

Allow user.id Password Set

Specifies if the NotesDriverShim should modify the password of user.id files. This parameter can be overridden by < allow-userid-password-set> as an attribute to the < modify-password> element.

< definition display-name="Allow user.id password set" name="allow-userid-password-set" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

cert-log

Registration/ Certification Log File

The Notes Certification log file that is used to record the registration of user objects in the Notes Address Book. Specify this item without full path information.

< definition display-name="Registration/Certification Log File" name="cert-log" type="string"> < description> </ description>

< value>certlog.nsf</ value> </ definition>

cert-path

ID File Storage Location

This parameter specifies the default Notes User ID file (certifier) storage location that is used when user objects are registered and ID files are created. New ID files are placed in this location. The full path of the folder should be represented in relationship to the operating system hosting Domino.

You can override this default setting by using the XML tag attribute user-id-path.

< definition display-name="User ID File Storage Location" name="cert-path" type="string"> < description> </ description>

< value>c:\lotus654\domino\data\ids\people</ value> </ definition>

cert-users

Certify/Register Users

This parameter indicates the default behavior for the driver regarding Notes user account creation. Yes indicates the driver by default attempts to register users in the Notes Address book by certifying them and creating an ID file for each user when add events are received.

You can override this default setting by using the XML certify-user attribute.

< definition display-name="Certify (register) Notes Users" name="cert-users" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

create-mail

Create Mail DB

This parameter indicates the default behavior for the driver regarding e-mail account creation. True indicates the driver by default attempts to create a Notes Mail database (mailfile) when adding a new user.

You can override this default setting by using the XML create-mail attribute.

< definition display-name="Create User E-Mail Box" name="create-mail" tmpId="238" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

db-creation-max-collisions

Number of File Creation Collision Retry Attempts

Specify a positive integer value indicating the highest number to append to a filename when attempting to resolve filename collisions. If the NotesDriverShim cannot create a mailfile or a mailfile replica because of a filename collision, the NotesDriverShim appends an integer text value to the end of the attempted filename and tries again to create the file. Thus, if the mailfile JohnDoe.nsf already exists, then the NotesDriverShim attempts to create JohnDoe1.nsf. If this value is 0, then this file creation after filename collision feature is not invoked.

< definition display-name="Number of File Creation Collision Retry Attempts" name="db-creation-max-collisions" type="integer">

< value>5</ value> </ definition>

default-http-password

Default HTTP Password

The default Notes Web (HTTP) password set for newly created Notes users.

You can override this default setting by using the XML user-pwd attribute tag.

< definition display-name="Default HTTP Password" name="default-http-password" type="string"> < description> </ description>

< value>notes</ value> </ definition>

default-password

Default Notes Password

The default Notes User ID password for newly created Notes users.

You can override this default setting by using the XML user-pwd attribute.

< definition display-name="Default Notes Password" name="default-password" type="string"> < description> </ description>

< value>notes</ value> </ definition>

expiration-term

Expiration Term

The default expiration term (specified in years) for newly created Notes User ID files.

You can override this default setting by using the XML attribute expire-term.

< definition display-name="Default User ID File/Registration Expiration Term (in years)" name="expiration-term" type="integer"> < description> </ description>

< value>2</ value> </ definition>

internet-mail-domain

Internet Mail Domain Name

Obsolete in version 2.0.

< definition display-name="Internet Mail Domain" name="internet-mail-domain" type="string"> < description> </ description>

< value></ value> </ definition>

mailfile-acl-level

Add User E-Mail ACL Level

The default ACL setting for the newly created mail file of newly created user objects. Valid values are NOACCESS, DEPOSITOR, READER, AUTHOR, EDITOR, DESIGNER, and MANAGER. When no ACL setting is specified, the setting defaults to MANAGER.

You can override this default setting by using the XML attribute mailfile-acl-level.

< definition display-name="Add User E-Mail: E-Mail Database ACL Setting" name="mailfile-acl-level" type="enum"> < description> </ description>

< value>default</ value> </ definition>

See Note at the top of Subscriber Options, then use the values under the Description heading for this parameter.

mailfile-path

User Mail File Storage Location

A mail storage path relative to the Domino data storage location where mail files are stored if created by the driver. For example, if the parameter is set to “mail,” then new mail files created by the driver on the Domino server (running on Linux) are stored in the /local/notesdata/mail folder.

<definition display-name="User Mail File Storage Location" name="mailfile-path" type="string"> <description> </description>

<value>mail</value> </definition>

mailfile-template

E-Mail File Template

The .ntf database template to be used when creating a new mail database when the driver creates a user e-mail account. This template must be accessible to the Domino server in the Domino data folder.

< definition display-name="Mail File Template" name="mailfile-template" type="string"> < description> </ description>

< value>mail654.ntf</ value> </ definition>

mail-server

Domino Mail Server Name

The DN of the Domino Server that holds the mail files.

You can override this default setting by using the XML < MailServer> element as a child of the add event element, or the mail-server XML attribute tag.

< definition display-name="Domino Mail Server Name" name="mail-server" type="string"> < description> </ description>

< value>CN=blackcap/O=novell</ value> </ definition>

minimum-pwd-len

Notes Password Strength

The default minimum password strength (0-16) for newly created Notes User ID files.

You can override this default setting by using the XML attribute tag minimum-pwd-len.

< definition display-name="Notes Password Strength (0 - 16)" name="minimum-pwd-len" type="integer"> < description> </ description>

< value>2</ value> </ definition>

north-american-flag

Is Domino Server North American?

North American Server User ID file (certifier) property. Set to True only if the Domino Server is in North America. According to Domino registration requirements, this attribute is required for user ID file creation.

< definition display-name="Is Domino Server North American?" name="north-american-flag" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

notes-doc-lock-fail-action

Notes Document Locking Failure Action

Specify the action (document return code) the Notes Driver returns to the Metadirectory engine if the Notes Driver fails to acquire a document lock. The value choices are Retry (default), Warning, Error, Fatal, and Success.

This parameter is overwritten by retry-status-return and is only valid if the allow-document-locking is set to True.

<definition display-name="Document Lock Failure Action" name="notes-doc-lock-fail-action" type="enum">

< value>retry</ value> </definition>

See Note at the top of Subscriber Options.

notes-save-fail-action

Notes Document Save Failure Return Code

Specify the action (document return code) the Notes Driver returns to the Metadirectory engine if the Notes Driver fails to properly save a document in the synchronized Notes database. If the parameter does not exist in the driver parameters, the default value is Retry.

Possible values are Success, Warning, Error, Retry, or Fatal.

You can use this parameter when troubleshooting and is overwritten by retry-status-return attribute.

< definition display-name="Notes Document Save Failure Return Code" name="notes-save-fail-action" type="enum"> < description> </ description>

< value>warning</ value> </ definition>

See Note at the top of Subscriber Options.

notes-v1-schema-format

Use NotesDriver v1 Schema Format

Specifies whether the NotesDriver should publish Notes schema documents in its original v1 format.

<definition display-name="Use NotesDriver v1 schema format" name="notes-v1-schema-format" type="boolean"> <description> </description>

< value>true</ value> </ definition>

retry-status-return

Failed Command Reply Status

Specify the action (document return code) the Notes Driver returns to the Metadirectory engine if the Notes Driver cannot process a command due to connectivity or application processing failure. If the parameter does not exist in the driver parameters, the default setting is Retry.

Possible values are Success, Warning, Error, Retry, or Fatal.

This parameter can be used when troubleshooting critical situations, and takes precedence over notes-save-fail action and notes-doc-lock-fail-action.

< definition display-name="Retry Status Return Code" name="retry-status-return" type="enum"> <enum-choice display-name=”Retry”> retry <enum-choice>< description> </ description>

< value>retry</ value> </ definition>

See Note at the top of Subscriber Options.

store-id-ab-flag

Store User ID in Address Book

This flag indicates the default behavior for the driver for attaching user ID files on their respective user objects in the Notes Address Book at registration time.

Setting the flag to True causes registered user objects in the Notes Address Book to be created with an attached user ID file.

Setting the flag to False causes registered user objects in the Notes Address Book to be created without an attached user ID file.

You can override this default setting by using the XML attribute store-useridfile-in-ab.

< definition display-name="Store User ID File in Address Book" name="store-id-ab-flag" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

update-ab-flag

Add Registered Users To Address Book

This parameter indicates the default behavior for the driver for placing registered user objects in the Notes Address Book. Setting the flag to True causes registered users to be placed in the address book. Setting the flag to False causes users to be registered (meaning that a certifier ID file is created for the user) without the user object being placed into the Notes Address Book.

You can override this default setting by using the XML attribute update-addressbook.

<definition display-name="Add Registered Users to Address Book" name="update-ab-flag" type="boolean"> <description> </description>

< value>true</ value> </ definition>

4.4.3 Publisher Options

The first column of the following table contains the parameter name followed by its common description. The parameters are alphabetized according to the XML parameter name.

The third column of the following table contains XML text that you can paste into the Driver Parameters XML Editor. The XML text represents exactly what is necessary to display the parameters. You can also place the information that you see under the Description heading within the < description> </ description> parameters.

NOTE:Some parameters have values that are listed in second (Description) column. These parameters contain values such as Success, Warning, Error, Retry, or Fatal. The proper XML text for such parameters can be found in the file drvparamdefs.xml.

Table 4-3 Publisher Channel Parameters

Parameter Name and Common Description

Description

XML to Define Driver Parameters

check-attrs-flag

Check Attributes

The ndsrep check and publish attributes parameter. Set to True if only modified attributes within the Publisher filter should be sent to the Identity Vault via the Publisher channel when a Notes object is modified. Set to False if all sync attributes specified within the Publisher filter should be sent to the Identity Vault via the Publisher channel when a Notes object is modified.

The default value is True.

< definition display-name="Check Attributes?" name="check-attrs-flag" type="boolean"> < description> </ description>

< value>true</ value> </ definition>

config-db-name

NDSREP Configuration Database

The ndsrep configuration database filename created and maintained by the driver. This parameter controls which .nsf database the driver shim uses to write its publication options.

The full path of the filename should be represented with respect to the operating system hosting Domino. When using this parameter, ndsrep needs to be loaded with the -f filename parameter.

ndsrep load example:

load ndsrep NotesDriver2 -f /home/notes/mycfg.nsf

If this parameter is not present, by default the Configuration database filename is set to dsrepcfg.nsf and is normally located in the Domino data folder.

If the name of your driver includes spaces, then you must put quotes around the name.

< definition display-name="NDSREP Configuration database" name="config-db-name" type="string"> <description> </description>

< value>mycfg.nsf</ value> </ definition>

dn-format

DN Format

The Distinguished Name format used by ndsrep. Valid values are NOTES_TYPED, NOTES, SLASH_TYPED, SLASH, LDAP, LDAP_TYPED, DOT, and DOT_TYPED. The default is NOTES_TYPED.

< definition display-name="DN FORMAT" name="dn-format" type="enum"> < description> </ description>

< value>NOTES_TYPED</ value> </ definition>

instance-id

NDSREP Configuration Instance

The ndsrep configuration instance name created and maintained by the driver within the ndsrep configuration database. This parameter controls which database note the driver shim uses to read and write its publication options within the ndsrep configuration database. When using this parameter, ndsrep utilizes the settings of this configuration instance when loaded with this instance name as a parameter.

If this parameter is not present, by default the configuration instance is set to the name of the driver (the driver RDN in eDirectory.)

ndsrep load example:

load ndsrep NotesDriver2

If the name of your driver includes spaces, then you must put quotes around the name.

<definition display-name="NDSREP Configuration Instance" name="instance-id" type="string"> <description> </description>

< value>NotesDriver2</ value> </ definition>

loop-detect-flag

Enable Loop Back Detection

Loopback detection parameter. Set to True to enable loopback detection. Set to False to disable loopback detection.

<definition display-name="Enable Loop Back Detection" name="loop-detect-flag" type="boolean"> <description> </description>

< value>true</ value> </ definition>

ndsrep-console-trace-level

NDSREP Console Trace Level

Possible values are SILENT, NORMAL, VERBOSE, or DEBUG.

If this parameter is not present, the default setting is NORMAL.

<definition display-name="NDSREP Domino Console Trace Level" name="ndsrep-console-trace-level" type="enum"> <description> </description>

< value>NORMAL</ value> </ definition>

See Note at the top of Publisher Options, then use the values under the Description heading for this parameter.

schedule-units

NDSREP Schedule Units

The ndsrep polling interval unit. Valid values are SECONDS, MINUTES, HOURS, DAYS, and YEARS. The default value is SECONDS.

<definition display-name="NDSREP Polling Units" name="schedule-units" type="enum"> <description> </description>

< value>SECONDS</ value> </ definition>

See Note at the top of Publisher Options, then use the values under the Description heading for this parameter.

schedule-value

NDSREP Schedule Value

The ndsrep polling interval unit value. This value is utilized in conjunction with the < schedule-units> configuration parameter.

<definition display-name="NDSREP Polling interval" name="schedule-value" type="integer"> <description> </description>

< value>30</ value> </ definition>

polling-interval

Polling Interval

Notes Driver Shim publisher polling interval, specified in SECONDS, MINUTES, HOURS, and DAYS,.

<definition display-name="Polling Interval (in seconds)" name="polling-interval" type="integer"> <description> </description>

< value>30</ value> </ definition>

pub-heartbeat-interval

Publication Heartbeat Interval

Publication Heartbeat Interval specified in minutes. If no documents are sent on the Publisher channel for this specified interval (duration of time), then a heartbeat document is sent by the driver. A value of 0 indicates that no heartbeat documents are to be sent.

If this parameter is not present, by default the publication heartbeat interval is 0.

<definition display-name="Heartbeat Interval (in minutes)" name="pub-heartbeat-interval" type="integer"> <description> </description>

< value>0</ value> </ definition>

pub-heartbeat-interval-seconds

Publication Heartbeat Interval (in seconds)

Publication Heartbeat Interval specified in seconds. This parameter can be used instead of pub-heartbeat-interval to provide finer interval size granularity. If no documents are sent on the Publisher channel for this specified interval (duration of time), then a heartbeat document is sent by the driver. A value of 0 indicates that no heartbeat documents are to be sent.

If this parameter is not present, by default the publication heartbeat interval is 0.

<definition display-name="Heartbeat Interval (in seconds)" name="pub-heartbeat-interval-seconds" type="integer"> <description> </description>

< value>0</ value> </ definition>

write-timestamps-flag

Write Time Stamps?

Whether ndsrep writes special driver time stamp on synchronized Notes parameter. Set to True to have ndsrep write a driver specific time stamp on all Notes objects that are synchronized. This special driver time stamp is used to more accurately determine Notes object attribute updates. Set to False to have ndsrep determine Notes object attribute updates based on existing Notes object time stamps.

The default value is True.

<definition display-name="Write Time Stamps?" name="write-timestamps-flag" type="boolean"> <description> </description>

< value>true</ value> </ definition>