Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

alt

Daniel Nashed

ID Vault Support for iNotes Traveler BES

Daniel Nashed – 27 January 2010 09:22:06
Since 8.5.1 Domino has support for external applications to leverage ID Vault to deploy Notes.IDs into the mailfile.
The current versions of Traveler, BES and iNotes do already support this functionality.
To get this working you need a special setting in the Security Policy / ID Vault section you have to enable "Allow Notes-based programs to use the Notes ID Vault" as shown below.


Image:ID Vault Support for iNotes Traveler BES

The second important part is that the application uses a new parameter in the C-API call to extract the Notes.ID.
This will hopefully be documented in the next C-API toolkit but has been mentioned in the security presentation (ID204) at Lotusphere last week.

STATUS LNPUBLIC SECExtractIdFileFromDB(
       DBHANDLE  hDB,
       char *pProfileNoteName,
       DWORD  ProfileNoteNameLength,
       char *pUserName,
       DWORD  UserNameLength,
       char *pPassword,
       char *pPutIDFileHere,
       DWORD  Reserved,
       
void *pReserved);

To have this functionality enabled in your code you need to pass the full qualified, expanded name (CN=John Doe/O=Acme) to the pReserved parameter.
If the parameter is not passed and the ID is not already loaded into the profile you will receive an error.
In case the parameter is filled the code will automatically leverage ID Vault to download the Notes.ID from the Vault and attach it to the profile.

This is a very convenient way to deploy Notes.IDs for iNotes, Traveler and BES users with the current release.
If you are an ISV, leveraging this routine you should update your code to pass the pReserved Parameter to enable this functionality.

-- Daniel




Links

    Archives


    • [HCL Domino]
    • [Domino on Linux]
    • [Nash!Com]
    • [Daniel Nashed]