Provisioning & Password syncronization

I'm new to Lawson, and more experienced with the middleware that Lawson9 uses, (WAS, LDAP, etc) so need some assistance on a couple of issues. I'm using TAMeb (WebSEAL) to secure Lawson, however we would like to provision users using ITIM, or use IDI to syncronize the passwords between Lawson and TAM. However Lawson uses "Bouncy Castle" to encrypt the passwords stored in the LDAP. It is responsible for encrypting the users password (using the selected algorithm) and storing it in the Lawson LDAP. The password is encrypted and stored in a text string similar to "PASSWORD=XXXXXXXX". This raises a series of questions: 1: From a sysadmin perspective, can we change the "Bouncy Castle" settings AFTER its initial configuration? 2: Is it essential, and if not, can the "Bouncy Castle be turned off, removed, or replaced? 3: If required, can "Bouncy Castle" be set to not-encrypt the passwords? 4: If required, can we set the "Bouncy Castle" algorithm to be identical to the LDAP native encryption? Has anyone dealt with a requirement to password syncronize Lawson to other repositiories or applications?