@darrenjrobinson
Last active November 17, 2018 22:39
IBM Lotus Domino Notes FIM MIM PowerShell Management Agent Password Script. Supporting blog post is located here https://blog.darrenjrobinson.com/synchronizing-passwords-from-active-directory-to-the-ibmlotus-domino-identity-vault-using-microsoft-identity-manager-part-3/
param
(
$Username,
$Password,
$Credentials,
$Action,
$OldPassword,
$NewPassword,
[switch] $UnlockAccount,
[switch] $ForceChangeAtLogOn,
[switch] $ValidatePassword
)
BEGIN
{
}
PROCESS
{
$log = "C:\PROGRA~1\MICROS~4\2010\SYNCHR~1\EXTENS~2\NotesPWD\Debug\PWDSync.txt"
"=============================================================" | Out-File $log -Append
$DisplayName = $_["displayName"].Value
"Display Name: $DisplayName" | Out-File $log -Append
"Action: $Action" | Out-File $log -Append
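# Log only whether passwords were supplied; never write password values to the debug log
"Old pwd supplied: $(-not [string]::IsNullOrEmpty($OldPassword))" | Out-File $log -Append
"New pwd supplied: $(-not [string]::IsNullOrEmpty($NewPassword))" | Out-File $log -Append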
"Unlock: $UnlockAccount" | Out-File $log -Append
"Force change: $ForceChangeAtLogOn" | Out-File $log -Append
"Validate: $ValidatePassword" | Out-File $log -Append
# Create a Lotus Domino Session using the Com Class
# from the local machine created by the Lotus Domino Client install
$Session = New-Object -ComObject Lotus.NotesSession
# Specifying the Password (the password matching your notes.id file) provided from the MA Config
$NotesPassword = $Password
# The Domino Server that has our PWDChange DB
$NotesHost = "XXXNotes1/XXXXX-Aus"
# The DB Name that contains our Notes Agents that will perform the Password Change
$Database = "IDVaultP.nsf"
# Initialize the Notes Session. Uses the Default ID from the local Notes Client
# and the associated settings in the notes.ini config file
$Session.Initialize($NotesPassword)
# Get the DB
$db = $Session.GetDatabase($NotesHost, $Database)
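# Use a subexpression so the Filename property is expanded rather than the object followed by literal ".Filename"
"Database: $($db.Filename)" | Out-File $log -Append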
# Create a new Document with the details of the user to change the password for
$newdoc = $db.CreateDocument()
# server to run the Agent on
$newdoc.AppendItemValue("server","XXXNotes1/XXXXX-Aus")
# user's Notes name in the format of "Joe Blogs/OrgUnit/Organization"
$newdoc.AppendItemValue("username",$DisplayName)
# new password
$newdoc.AppendItemValue("password",$NewPassword)
# save the document
$newdoc.save($true,$true,$true)
$view = $db.GetView('PWDChange')
$writtendoc = $view.GetLastDocument()
"Last Document $writtendoc" | Out-File $log -Append
# Run our Agent to process the change.
$triggerAgent = $db.GetAgent("MIMPwdTrigger")
$triggerAgent.RunOnServer("")
}
END
{
}