-- **************************************************************************** -- LEFTHAND-NETWORKS-NSM-SECURITY-MIB -- Management Information Base for SNMP Network Management -- -- This MIB provides security (user and group) information for a storage node. -- This MIB must be loaded after: -- LEFTHAND-NETWORKS-GLOBAL-REG-MIB.mib -- LEFTHAND-NETWORKS-NSM-MIB.mib -- -- The LeftHand Networks Enterprise number is 9804. -- The ASN.1 prefix to, and including the LeftHand Networks Enterprise is: -- 1.3.6.1.4.1.9804 -- **************************************************************************** -- Copyright 2009,2010 Hewlett-Packard Development Company, L.P. -- Copyright 2008,2009 LeftHand Networks, Inc. -- All Rights Reserved. -- -- Hewlett-Packard Company shall not be liable for technical or -- editorial errors or omissions contained herein. The information in -- this document is provided "as is" without warranty of any kind and -- is subject to change without notice. The warranties for HP products -- are set forth in the express limited warranty statements -- accompanying such products. Nothing herein should be construed as -- constituting an additional warranty. -- -- Confidential computer software. Valid license from HP required for -- possession, use or copying. Consistent with FAR 12.211 and 12.212, -- Commercial Computer Software, Computer Software Documentation, and -- Technical Data for Commercial Items are licensed to the U.S. -- Government under vendor's standard commercial license. -- **************************************************************************** LEFTHAND-NETWORKS-NSM-SECURITY-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32 FROM SNMPv2-SMI OBJECT-GROUP, MODULE-COMPLIANCE FROM SNMPv2-CONF TEXTUAL-CONVENTION, DisplayString, RowStatus FROM SNMPv2-TC lhnModules, lhnNsm FROM LEFTHAND-NETWORKS-GLOBAL-REG-MIB lhnNsmSecurity FROM LEFTHAND-NETWORKS-NSM-MIB; -- lhnNsm is imported but never used, this will create a smilint warning -- however, it's necessary for some MIB compilers -- -- Module definition and a brief description of this mib. -- lhnNsmSecurityModule MODULE-IDENTITY LAST-UPDATED "201311190000Z" ORGANIZATION "Hewlett Packard Company, StorageWorks Division" CONTACT-INFO "Product Support Product URL: www.hp.com/go/p4000 Support URL: www.itrc.hp.com Product Phone: www.hp.com/go/contact 1-800-786-7967 (US only) Support Phone: www.hp.com/go/contact 1-800-334-5144 (US only)" DESCRIPTION "HP StorageWorks P4000 Security Information" REVISION "201311190000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0, SAN/iQ 8.1, SAN/iQ 8.5, SAN/iQ 9.0, SAN/iQ 9.5, SAN/iQ 10.0, SAN/iQ 10.5, SAN/iQ 11.0, SAN/iQ 11.5" REVISION "201306250000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0, SAN/iQ 8.1, SAN/iQ 8.5, SAN/iQ 9.0, SAN/iQ 9.5, SAN/iQ 10.0, SAN/iQ 10.5, SAN/iQ 11.0" REVISION "201209040000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0, SAN/iQ 8.1, SAN/iQ 8.5, SAN/iQ 9.0, SAN/iQ 9.5, SAN/iQ 10.0" REVISION "201106210000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0, SAN/iQ 8.1, SAN/iQ 8.5, SAN/iQ 9.0, SAN/iQ 9.5" REVISION "201009070000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0, SAN/iQ 8.1, SAN/iQ 8.5, SAN/iQ 9.0" REVISION "201007190000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0, SAN/iQ 8.1, SAN/iQ 8.5 with patch 10076 Obsoleted: secUserCount secUserName secUserDesc secUserPassword secUserRowStatus secGroupCount secGroupName secGroupDesc secGroupUserCount secGroupRowStatus secGroupUserName secGroupUserRowStatus secAdminUserPassword secAdminUserRowStatus secAdminGroupUserRowStatus secAdminGroupAccessKey secAdminGroupAccessMode secAdminGroupAccessRowStatus secAdminGroupRowStatus Changed all objects that used the 'OCTET STRING' syntax to use the 'DisplayString' syntax for increased client compatability." REVISION "200911200000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0, SAN/iQ 8.1, SAN/iQ 8.5" REVISION "200903100000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0, SAN/iQ 8.1" REVISION "200801240000Z" DESCRIPTION "SAN/iQ 7.0, SAN/iQ 8.0 Updated object names to use current product branding. Added conformance and compliance objects. Updated the MIB for increased client compatability." ::= { lhnModules 11 } --****************************************************************************** -- -- Conformance -- --****************************************************************************** lhnNsmSecurityModuleConformance OBJECT IDENTIFIER ::= { lhnNsmSecurityModule 1 } lhnNsmSecurityModuleCompliances OBJECT IDENTIFIER ::= { lhnNsmSecurityModuleConformance 1 } lhnNsmSecurityModuleGroups OBJECT IDENTIFIER ::= { lhnNsmSecurityModuleConformance 2 } lefthandNetworksNsmSecurityMibCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement." MODULE MANDATORY-GROUPS { lefthandNetworksNsmSecurityGroup } ::= { lhnNsmSecurityModuleCompliances 1 } lefthandNetworksNsmSecurityGroup OBJECT-GROUP OBJECTS { secAdminUserCount, secAdminGroupCount, secAdminUserName, secAdminUserDesc, secAdminGroupName, secAdminGroupUserName, secAdminGroupDesc, secAdminGroupUserCount } STATUS current DESCRIPTION "The default group for all NSM Info objects." ::= { lhnNsmSecurityModuleGroups 1 } lefthandNetworksNsmSecurityGroupObsolete OBJECT-GROUP OBJECTS { secUserCount, secUserName, secUserDesc, secUserPassword, secUserRowStatus, secGroupCount, secGroupName, secGroupDesc, secGroupUserCount, secGroupRowStatus, secGroupUserName, secGroupUserRowStatus, secAdminUserPassword, secAdminUserRowStatus, secAdminGroupUserRowStatus, secAdminGroupAccessKey, secAdminGroupAccessMode, secAdminGroupAccessRowStatus, secAdminGroupRowStatus } STATUS obsolete DESCRIPTION "The group for obsolete NSM Info objects." ::= { lhnNsmSecurityModuleGroups 2 } -------------------------------------------------------------------------------- -- -- Security User Module Objects (Linux Users) -- -------------------------------------------------------------------------------- secUserCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The number of Linux users. Obsolete in SAN/iQ 8." ::= { lhnNsmSecurity 1 } secUserTable OBJECT-TYPE SYNTAX SEQUENCE OF SecUserEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "A table of Linux users. The number of entries is given by secUserCount. Obsolete in SAN/iQ 8." ::= { lhnNsmSecurity 2 } secUserEntry OBJECT-TYPE SYNTAX SecUserEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "A row of Linux user information. Obsolete in SAN/iQ 8." INDEX { secUserIndex } ::= { secUserTable 1 } SecUserEntry ::= SEQUENCE { secUserIndex Unsigned32, secUserName DisplayString, secUserDesc DisplayString, secUserPassword DisplayString, secUserRowStatus RowStatus } secUserIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The index for the secUserTable table. Obsolete in SAN/iQ 8." ::= { secUserEntry 1 } secUserName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The Linux username. Obsolete in SAN/iQ 8." ::= { secUserEntry 2 } secUserDesc OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The Linux user description. Obsolete in SAN/iQ 8." ::= { secUserEntry 3 } secUserPassword OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write -- write only STATUS obsolete DESCRIPTION "The Linux user password. Obsolete in SAN/iQ 8." ::= { secUserEntry 4 } secUserRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The table row status. Obsolete in SAN/iQ 8." ::= { secUserEntry 5 } -------------------------------------------------------------------------------- -- -- Security Group Module Objects (Linux Groups) -- -------------------------------------------------------------------------------- secGroupCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The number of Linux groups. Obsolete in SAN/iQ 8." ::= { lhnNsmSecurity 3 } secGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF SecGroupEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "A table of Linux groups. The number of entries is given by secGroupCount. Obsolete in SAN/iQ 8." ::= { lhnNsmSecurity 4 } secGroupEntry OBJECT-TYPE SYNTAX SecGroupEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "A row of Linux group information. Obsolete in SAN/iQ 8." INDEX { secGroupIndex } ::= { secGroupTable 1 } SecGroupEntry ::= SEQUENCE { secGroupIndex Unsigned32, secGroupName DisplayString, secGroupDesc DisplayString, secGroupUserCount Integer32, secGroupRowStatus RowStatus } secGroupIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The index for the secGroupTable table. Obsolete in SAN/iQ 8." ::= { secGroupEntry 1 } secGroupName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The Linux group name." ::= { secGroupEntry 2 } secGroupDesc OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The Linux group description." ::= { secGroupEntry 3 } secGroupUserCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The number of users in the Linux group. Obsolete in SAN/iQ 8." ::= { secGroupEntry 4 } secGroupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The table row status." ::= { secGroupEntry 5 } secGroupUserTable OBJECT-TYPE SYNTAX SEQUENCE OF SecGroupUserEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "A table of Linux security group users. The number of entries is given by secGroupUserCount. Obsolete in SAN/iQ 8." ::= { lhnNsmSecurity 5 } secGroupUserEntry OBJECT-TYPE SYNTAX SecGroupUserEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "A row of Linux security group user information. Obsolete in SAN/iQ 8." INDEX { secGroupIndex, secGroupUserIndex } ::= { secGroupUserTable 1 } SecGroupUserEntry ::= SEQUENCE { secGroupUserIndex Unsigned32, secGroupUserName DisplayString, secGroupUserRowStatus RowStatus } secGroupUserIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The index for the secGroupUserTable table. Obsolete in SAN/iQ 8." ::= { secGroupUserEntry 1 } secGroupUserName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The Linux security group name. Obsolete in SAN/iQ 8." ::= { secGroupUserEntry 2 } secGroupUserRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The table row status. Obsolete in SAN/iQ 8." ::= { secGroupUserEntry 3 } -------------------------------------------------------------------------------- -- -- Security Admin User Module Objects (LeftHand Users) -- -------------------------------------------------------------------------------- secAdminUserCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of users." ::= { lhnNsmSecurity 6 } secAdminUserTable OBJECT-TYPE SYNTAX SEQUENCE OF SecAdminUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of users for the NSM. The number of entries is given by secAdminUserCount." ::= { lhnNsmSecurity 7 } secAdminUserEntry OBJECT-TYPE SYNTAX SecAdminUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row of user information." INDEX { secAdminUserIndex } ::= { secAdminUserTable 1 } SecAdminUserEntry ::= SEQUENCE { secAdminUserIndex Unsigned32, secAdminUserName DisplayString, secAdminUserDesc DisplayString, secAdminUserPassword DisplayString, secAdminUserRowStatus RowStatus } secAdminUserIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index for the secAdminUserTable table." ::= { secAdminUserEntry 1 } secAdminUserName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The user's username." ::= { secAdminUserEntry 2 } secAdminUserDesc OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The user description." ::= { secAdminUserEntry 3 } secAdminUserPassword OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write -- write only STATUS obsolete DESCRIPTION "The user's password. Obsolete in SAN/iQ 8." ::= { secAdminUserEntry 4 } secAdminUserRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The table row status. Obsolete in SAN/iQ 8.5." ::= { secAdminUserEntry 5 } -------------------------------------------------------------------------------- -- -- Security Admin Group Module Objects (LeftHand Groups) -- -------------------------------------------------------------------------------- secAdminGroupCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of user groups." ::= { lhnNsmSecurity 8 } secAdminGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF SecAdminGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of groups on the NSM. The number of entries is given by secAdminGroupCount." ::= { lhnNsmSecurity 9 } secAdminGroupEntry OBJECT-TYPE SYNTAX SecAdminGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row of group information." INDEX { secAdminGroupIndex } ::= { secAdminGroupTable 1 } SecAdminGroupEntry ::= SEQUENCE { secAdminGroupIndex Unsigned32, secAdminGroupName DisplayString, secAdminGroupDesc DisplayString, secAdminGroupUserCount Integer32, secAdminGroupRowStatus RowStatus } secAdminGroupIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index for the secAdminGroupTable table." ::= { secAdminGroupEntry 1 } secAdminGroupName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The group name." ::= { secAdminGroupEntry 2 } secAdminGroupDesc OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The group description." ::= { secAdminGroupEntry 3 } secAdminGroupUserCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of users in the group." ::= { secAdminGroupEntry 4 } secAdminGroupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The table row status. Obsolete in SAN/iQ 8.5." ::= { secAdminGroupEntry 5 } secAdminGroupUserTable OBJECT-TYPE SYNTAX SEQUENCE OF SecAdminGroupUserOrSubGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of administrators on the NSM. The number of entries is given by secAdminGroupCount for the 'full_administrator' group." ::= { lhnNsmSecurity 10 } secAdminGroupUserEntry OBJECT-TYPE SYNTAX SecAdminGroupUserOrSubGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row of administrator group information." INDEX { secAdminGroupIndex, secAdminGroupUserIndex } ::= { secAdminGroupUserTable 1 } SecAdminGroupUserOrSubGroupEntry ::= SEQUENCE { secAdminGroupUserIndex Unsigned32, secAdminGroupUserName DisplayString, secAdminGroupUserRowStatus RowStatus } secAdminGroupUserIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index for the secAdminGroupUserTable table." ::= { secAdminGroupUserEntry 1 } secAdminGroupUserName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The user's username." ::= { secAdminGroupUserEntry 2 } secAdminGroupUserRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The table row status. Obsolete in SAN/iQ 8.5." ::= { secAdminGroupUserEntry 3 } secAdminGroupAccessTable OBJECT-TYPE SYNTAX SEQUENCE OF SecAdminGroupAccessEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The group access permissions table." ::= { lhnNsmSecurity 11 } secAdminGroupAccessEntry OBJECT-TYPE SYNTAX SecAdminGroupAccessEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "A row of group access permissions." INDEX { secAdminGroupIndex, secAdminGroupAccessIndex } ::= { secAdminGroupAccessTable 1 } SecAdminGroupAccessEntry ::= SEQUENCE { secAdminGroupAccessIndex Unsigned32, secAdminGroupAccessKey DisplayString, secAdminGroupAccessMode BITS, secAdminGroupAccessRowStatus RowStatus } secAdminGroupAccessIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The index for the secAdminGroupAccessTable table." ::= { secAdminGroupAccessEntry 1 } secAdminGroupAccessKey OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The key." ::= { secAdminGroupAccessEntry 2 } secAdminGroupAccessMode OBJECT-TYPE SYNTAX BITS { get( 0 ), set( 1 ), add( 2 ), delete( 3 ) } MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The access mode." ::= { secAdminGroupAccessEntry 3 } secAdminGroupAccessRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The table row status." ::= { secAdminGroupAccessEntry 4 } END -- END: some MIB compilers require a CR/LF after the END statement --