Digging deeper into the secrets of Notes Shared Login, I’ve tried to debug NSL.Looking into the output, I see some C API calls and I understand that the *.bin file (see one of my earlier questions) is used as a Secret.
I assume that the binary contents of the file is used as secret to en/decrypt the ID file.
Further more I see, that Windows Data Protection API (DPAPI) is used (see one of my earlier questions).
Is there already a C API documentation available?
What about further more C API functions like SECExportIDFileFromNSL or SECConvertIDFileFromNSL,etc?
What are further means for troubleshooting NSL?
Is EnableNewNSL=1 a means to enable NSL without using a policy?
Subject: DebugNSL=1, more inside
Digging deeper into the secrets of Notes Shared Login, I’ve tried to debug NSL.Looking into the output, I see some C API calls and I understand that the *.bin file (see one of my earlier questions) is used as a Secret.
I assume that the binary contents of the file is used as secret to en/decrypt the ID file.
Further more I see, that Windows Data Protection API (DPAPI) is used (see one of my earlier questions). See response to earlier question.
Is there already a C API documentation available? It is possible to create a password protected copy from user security, but we have not exposed this in the API. NSL can be used with the Notes ID vault to maintain centrally. Converting from NSL enabled back to password protected is supported via policy. Why do you need access to do this programmatically? Can you explain further?
What about further more C API functions like SECExportIDFileFromNSL or SECConvertIDFileFromNSL,etc?
What are further means for troubleshooting NSL? Set DebugNSL=1 in the notes.ini.
Is EnableNewNSL=1 a means to enable NSL without using a policy? No, this was used in early pre-beta builds to test the functionality before the policy work was complete. This notes.ini variable is undocumented and unsupported (and will not work for 8.5). The only way to enable NSL in 8.5 is using policies.
Subject: THANKS for all your feedback!
Appreciate your feedback, keep it coming!