Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

ID Vault Support for iNotes Traveler BES

Daniel Nashed  27 January 2010 10:22:06

Since 8.5.1 Domino has support for external applications to leverage ID Vault to deploy Notes.IDs into the mailfile.
The current versions of Traveler, BES and iNotes do already support this functionality.
To get this working you need a special setting in the Security Policy / ID Vault section you have to enable "Allow Notes-based programs to use the Notes ID Vault" as shown below.




The second important part is that the application uses a new parameter in the C-API call to extract the Notes.ID.
This will hopefully be documented in the next C-API toolkit but has been mentioned in the security presentation (ID204) at Lotusphere last week.

STATUS LNPUBLIC SECExtractIdFileFromDB(
        DBHANDLE hDB,
        char *pProfileNoteName,
        DWORD ProfileNoteNameLength,
        char *pUserName,
        DWORD UserNameLength,
        char *pPassword,
        char *pPutIDFileHere,
        DWORD Reserved,
        void *pReserved);

To have this functionality enabled in your code you need to pass the full qualified, expanded name (CN=John Doe/O=Acme) to the pReserved parameter.
If the parameter is not passed and the ID is not already loaded into the profile you will receive an error.
In case the parameter if filled the code will automatically leverage ID Vault to download the Notes.ID from the Vault and attach it to the profile.

This is a very convenient way to deploy Notes.IDs for iNotes, Traveler and BES users with the current release.
If you are an ISV, leveraging this routine you should update your code to pass the pReserved Parameter to enable this functionality.

-- Daniel



Comments
No Comments Found

  • [IBM Lotus Domino]
  • [Domino on Linux]
  • [Nash!Com]
  • [Daniel Nashed]