强制注释用户在下次登录时使用lotus脚本更改密码/互联网密码

时间:2017-07-21 02:49:13

标签: lotus-notes lotusscript

实际上我已经创建了一个代理来创建具有默认密码的用户ID。我想强制用户更改下次登录时的互联网密码和Notes ID密码。有没有办法使用Lotus脚本方法来改变它?或者管理员仍然需要使用每个用户配置文件来勾选该功能。

这是我的代理商代码,用于创建ID

Sub Initialize
    '   this agent use on [register] button locate on [request form] xpages

    Dim s As New NotesSession, db As NotesDatabase, a As NotesAgent
    Dim doc As NotesDocument
    Set db = s.Currentdatabase
    Set a = s.Currentagent
    Set doc = s.Documentcontext     '   uidoc 

    Dim certid As String 'full path of cert id
    Dim certpasswd As String
    Dim OU As String
    Dim lastname As String
    Dim firstname As String
    Dim middleinit As String
    Dim usrIdpath As String
    Dim mailsvr As String
    Dim mailfile As String
    Dim userpasswd As String
    Dim internetpath As String

    Dim depvw As NotesView, depdoc As NotesDocument
    Set depvw = db.Getview("Department sort by dept")
    Set depdoc = depvw.Getdocumentbykey(doc.Dept(0), True)
    If Not depdoc Is Nothing Then
        certid = depdoc.IdPath(0)                   '   full path of cert id
        certpasswd = depdoc.IdPassword(0)               '   Cert id password(password)
        OU = ""                         '
        lastname= doc.Name(0)                   '   current document selected mail (person)
        firstname = ""                      '   [din't used]
        middleinit = ""                     '   [din't used]
        usrIdpath = depdoc.DptIdStor(0) +doc.SelectMail(0)+ ".id"   '   user path
        mailsvr = depdoc.MailSvr(0)                 '   mail svr
        mailfile = depdoc.MailLocation(0)+doc.SelectMail(0)         '   Mail\Person
        userpasswd= depdoc.UserPassword(0)          '   User password
        internetpath = doc.SelectMail(0)+depdoc.InternetPath(0)     '   mail address

    End If

    Dim reg As New NotesRegistration
    Dim dt As Variant
    dt = DateNumber(Year(Today)+1, Month(Today), Day(Today))

    reg.RegistrationServer = mailsvr        '"CN=ServerOne/O=dev"
    reg.CreateMailDb = True                 '
    reg.CertifierIDFile = certid            '"C:\IBM\Domino\data\office.id"
    reg.Expiration = dt
    reg.IDType = ID_HIERARCHICAL
    reg.MinPasswordLength = 1               ' password strength
    reg.IsNorthAmerican = True
    reg.OrgUnit = OU                ' "" empty ..will just follow certid registration
    reg.RegistrationLog = "log.nsf"
    reg.UpdateAddressBook = True
    reg.StoreIDInAddressBook = True
    reg.MailInternetAddress =  internetpath 


    Call reg.RegisterNewUser(lastname, _    ' last name
    usridpath, _                '"C:\IBM\Domino\data\ +name+.id"    ' file to be created
    mailsvr, _                  '"CN=ServerOne/O=dev"               ' mail server
    firstname, _                ' first name
    middleInit, _               ' middle initial
    certpasswd, _               '"office"                           ' certifier password
    "", _                                       ' location field
    "", _                                       ' comment field
    mailfile, _                 '"mail\person.nsf"                 ' mail file
    "", _                                   ' Forwarding domain
    userpasswd, _               '"password", _                   ' user password
    NOTES_DESKTOP_CLIENT)               ' user type

    Print "Please wait ...... Registration in progress"
End Sub

问题1:下次登录时如何强制用户更改备注密码

问题2:如何强制用户下次登录时更改互联网密码

问题3:每次创建笔记ID是否都可以自动保存到ID库?根据我的理解,ID库是一个存储所有ID的数据库。如果我错了,请告诉我。谢谢!

2 个答案:

答案 0 :(得分:0)

不确定reg ID Vault,但是为了更改密码,我认为您只需设置字段HTTPPasswordForceChange = "1"

答案 1 :(得分:0)

我在your other question回答了你的第2号问题。

问题1和问题3密切相关:

首先在您的域中设置ID-Vault。现在它真的是多米诺骨牌。按照管理员的帮助,这是一个简单的1-2-3步骤。设置保管库后,只要您为通过分层策略分配保管库的认证者注册用户,ID就会自动上传到该保险库。

说:我永远不会将用户ID存储在地址簿中,因为EVERYBODY可以从那里访问它并伪装成该用户(假设他可以查询您的默认密码/给定密码)。

要强制用户在首次登录后更改Notes密码,我还会使用id保险库:每当您使用保险库更改用户密码时,它将自动强制用户在下次登录后更改密码:

这是一个简单的单行代码:

Call s.Resetuserpassword( mailsvr, "CN=User/O=dev", userpasswd )

最困难的是在您的保管库中获取正确的权限(将该选项设置为允许以编程方式为您的代码的签名者及其运行的代理使用保管库)