Recently I posted about implementing the Microsoft IBM/Lotus Domino Management Agent.
In the implementation I needed to synchronise password changes from Active Directory to Lotus Notes (HTTP Password).  After configuring PCNS to send password change events to the FIM/MIM server, and configuring the IBM Domino MA as a password target I was hoping everything would just fire up like it normally does with PCNS.
However on a “password change event” I encountered the following error in the FIM/MIM Event Log.

The password management extension encountered an error.
 The stack trace is:
 "System.NotImplementedException: The method or operation is not implemented.
 at Microsoft.IdentityManagement.MA.LotusDomino.LotusDominoMA.GetConnectionSecurityLevel()
Forefront Identity Manager 4.4.1302.0"


and subsquently

A password synchronization set operation has failed in a target connected data source.
Additional information:
Tracking ID: {6C16DFCE-7A40-4047-A3F6-B4ED662E1F1B}
Reference ID: {AC6208BC-6275-46F7-99B6-374FE21DAE0D}
Target Object GUID: {4C91916B-DA12-E711-80DB-000D3AD0F0A5}
Target DN: CN=Joe User,OU=OrgU,O=Org-Aus,NAB=Names.nsf
Target MA Name: IBM Notes
Retry Count: 1
ErrorCode: 0x80230703
ErrorString: (The extension threw an exception.)

Troubleshooting the issue I worked out that if I disabled the default of “Require secure connection for password synchronization operations” on the IBM Notes Management Agent as per the screenshot below, then everything works as expected.

Maybe this is due to a configuration option in the Domino environment I’m connecting too, or not. I’m not sure, but this got it working.
I’d love to check that box again, so if anyone else has an explanation for why/how I’d love to hear it.

Category:
FIM, Identity and Access Management
Tags:
, , , , ,