Used as an event notification from the PublicationShim to Identity Manager that an object password is modified in the application. When used as a notification, an <association> is required. Also used as a command from Identity Manager to the SubsciptionShim to modify an object password in the application. When used as a command, an <association> is required and is the unique key of the object to modify.
When the target is eDirectory, and <old-password> is specified, the modifyPassword API is used to modify the password. If not specified, the GenerateKeyPair API is used. Using GenerateKeyPair might invalidate authentication credentials for any existing session authenticated as the target object.
When the target is the application, a driver might or might not implement this functionality, depending on the applicability to the application.
A response to <modify-password> should be a <status> indicating whether or not the <modify-password> is processed successfully.
<modify-password class-name="User" src-dn="\Sam"> <association>1012</association> <password>mypassword<password> </modify-password>
Element |
Description |
---|---|
Unique key of the application object. |
|
The old authentication password. |
|
The authentication password. |
|
The operation adds additional custom data. |
Attribute |
Possible Values |
Default Value |
---|---|---|
class-name |
CDATA The name of the base class of the object. The class name is mapped between the application and eDirectory namespaces by the Schema Mapping policy so that Identity Manager sees the name in the eDirectory namespace and a driver sees the name in the application namespace. Required when used as a notification. |
#IMPLIED |
dest-dn |
CDATA The distinguished name of the target object in the namespace of the receiver. |
#IMPLIED |
dest-entry-id |
CDATA The entry ID of the target object in the namespace of the receiver. Reserved. Should be ignored by the driver. |
#IMPLIED |
event-id |
CDATA An identifier used to tag the results of an event or command. |
#IMPLIED |
qualified-src-dn |
CDATA The qualified version of the src-dn. Only used for describing objects from eDirectory. |
#IMPLIED |
src-dn |
CDATA The distinguished name of the source object that generated the event in the namespace of the sender. |
#IMPLIED |
src-entry-id |
CDATA The entry ID of the source object that generated the event in the namespace of the sender. Reserved. Should be ignored by the driver. |
#IMPLIED |
timestamp |
CDATA Reserved. Should be ignored by the driver. |
#IMPLIED |
( association ? , old-password ? , password , operation-data ? )
Element |
Description |
---|---|
Input events or commands. |