WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/hirschmann/HM2-USERMGMT-MIB

1127 lines
43 KiB
Plaintext
Raw Permalink Blame History

HM2-USERMGMT-MIB DEFINITIONS ::= BEGIN
--
-- *************************************************************
-- Hirschmann User Management MIB
-- *************************************************************
--
IMPORTS
MODULE-IDENTITY,
NOTIFICATION-TYPE,
OBJECT-TYPE,
OBJECT-IDENTITY,
Integer32 FROM SNMPv2-SMI -- RFC 2578
TEXTUAL-CONVENTION,
DisplayString,
RowStatus,
TruthValue FROM SNMPv2-TC
SnmpAdminString FROM SNMP-FRAMEWORK-MIB
HmEnabledStatus,
hm2ConfigurationMibs FROM HM2-TC-MIB;
hm2UserMgmtMib MODULE-IDENTITY
LAST-UPDATED "201103160000Z" -- March 16, 2011
ORGANIZATION "Hirschmann Automation and Control GmbH"
CONTACT-INFO
"Postal: Stuttgarter Str. 45-51
72654 Neckartenzlingen
Germany
Phone: +49 7127 140
E-mail: hac.support@belden.com"
DESCRIPTION
"Hirschmann User and Password Management MIB.
Copyright (C) 2011. All Rights Reserved."
REVISION "201103160000Z" -- March 16, 2011
DESCRIPTION
"Initial version."
::= { hm2ConfigurationMibs 24 }
--
-- Textual conventions
--
Hm2UserAccessRoles ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Agent user roles."
SYNTAX INTEGER {
unauthorized (0),
guest (1),
auditor (2),
custom1 (5),
custom2 (6),
custom3 (7),
operator (13),
administrator (15)
}
Hm2UserAuthList ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Agent auth list."
SYNTAX INTEGER {
local(3),
radius(5),
ias(7),
cam(9),
ldap(10),
reject(248),
none(300)
}
Hm2UserCustomAccessRoles ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Agent custom-based user roles."
SYNTAX INTEGER {
custom1 (5),
custom2 (6),
custom3 (7)
}
Hm2UserCliExecModes ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Agent CLI modes."
SYNTAX INTEGER {
user-exec-mode (1),
priv-exec-mode (2),
global-config-exec-mode (3),
vlan-database-exec-mode (4),
interface-exec-mode (5),
all-modes (10)
}
--
-- *************************************************************
-- hm2UserMgmtMib
-- *************************************************************
--
hm2UserMgmtMibNotifications OBJECT IDENTIFIER ::= { hm2UserMgmtMib 0 }
hm2UserMgmtMibObjects OBJECT IDENTIFIER ::= { hm2UserMgmtMib 1 }
-- hm2UserMgmtMibConformance OBJECT IDENTIFIER ::= { hm2UserMgmtMib 2 }
--
-- *************************************************************
-- hm2UserMgmtMib groups
-- *************************************************************
--
hm2UserConfigGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibObjects 1 }
hm2PwdMgmtGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibObjects 2 }
hm2UserApplicationListGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibObjects 3 }
hm2UserAuthListGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibObjects 4 }
hm2UserIasGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibObjects 5 }
--
-- *************************************************************
-- hm2UserConfigGroup
-- *************************************************************
--
hm2UserConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hm2UserConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"User configuration table.
This table provides the functionality the system uses
for any interaction started by the user - authentication,
encryption - changing authentication, password and access role
for login purposes through Web, CLI, SSH, SNMPv3.
For SNMPv3 the standard SNMPv3 authentication/encryption methods are used.
To create a new user set hm2UserStatus to 'createAndWait,
and set the corresponding objects to their values. Setting
hm2UserStatus to 'active' activates the user. To delete a
user, set hm2UserStatus to 'destroy'. Creating a new user
in the hm2UserConfigTable always creates a new user in the
SNMPv3 tables. The newly created SNMPv3 user will get the
corresponding view in the SNMPv3 tables which matches to one
of the given roles the user can have.
All objects in this table can be set while a row is 'active'."
::= { hm2UserConfigGroup 1 }
hm2UserConfigEntry OBJECT-TYPE
SYNTAX Hm2UserConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"User configuration entry."
INDEX { IMPLIED hm2UserName }
::= { hm2UserConfigTable 1 }
Hm2UserConfigEntry ::= SEQUENCE {
hm2UserName SnmpAdminString,
hm2UserPassword DisplayString,
hm2UserAccessRole Hm2UserAccessRoles,
hm2UserLockoutStatus TruthValue,
hm2UserPwdChangePerm TruthValue,
hm2UserPwdPolicyChk HmEnabledStatus,
hm2UserSnmpAuthType INTEGER,
hm2UserSnmpEncType INTEGER,
hm2UserStatus RowStatus,
hm2UserSnmpAuthPassword DisplayString,
hm2UserSnmpEncPassword DisplayString
}
hm2UserName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Agent user name."
::= { hm2UserConfigEntry 1 }
hm2UserPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Agent user password
This object will always return '********' when read.
The minimum size of the password is defined with the
hm2PwdMgmtMinLength object. The user password can be
set while the row is active."
DEFVAL { "" }
::= { hm2UserConfigEntry 2 }
hm2UserAccessRole OBJECT-TYPE
SYNTAX Hm2UserAccessRoles
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Agent user's role.
The user's role can be set while the row is active."
DEFVAL { guest }
::= { hm2UserConfigEntry 3 }
hm2UserLockoutStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Displays whether the user account is locked due to excessive failed login attempts.
If the user is locked out, the hm2UserLockoutStatus status is 'true'.
Only a user with the administrator role can set this status back to 'false'."
DEFVAL { false }
::= { hm2UserConfigEntry 4 }
hm2UserPwdChangePerm OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Displays whether the user is allowed to change his own password.
Only a user with the administrator role can set this value."
DEFVAL { true }
::= { hm2UserConfigEntry 5 }
hm2UserPwdPolicyChk OBJECT-TYPE
SYNTAX HmEnabledStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Displays whether the password policy check is enabled or not.
The password policy check objects are defined in the hm2PwdMgmtGroup.
Even if this object if set to 'disable' the size of a new password has
to be at least the size of the hm2PwdMgmtMinLength object set.
Only a user with the administrator role can set this value."
DEFVAL { disable }
::= { hm2UserConfigEntry 6 }
hm2UserSnmpAuthType OBJECT-TYPE
SYNTAX INTEGER {
hmacmd5(1),
hmacsha(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"SNMPv3 user authentication. The user password must be set
to a string greater than or equal to 8 characters for this to be
set to anything but none(0).
- hmacmd5(1) -> Use HMAC-MD5 authentication
- hmacsha(2) -> Use HMAC-SHA authentication
The user authentication type can be set while the row is active ."
DEFVAL { hmacmd5 }
::= { hm2UserConfigEntry 7 }
hm2UserSnmpEncType OBJECT-TYPE
SYNTAX INTEGER {
none(0),
des(1),
aesCfb128(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"SNMPv3 user encryption
Can not be set to des(2) or aesCfb128(3) if
hm2UserSnmpAuthenticationType is set to none(0).
- none(0) -> no encryption used
- des(1) -> DES encryption used
- aesCfb128(2) -> AES-128 encryption used
The user encryption type can be set while the row is active."
DEFVAL { des }
::= { hm2UserConfigEntry 8 }
hm2UserStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Agent user status.
active(1) - This user account is active.
notInService(2) - Row has been suspended.
notReady(3) - Row has incomplete values.
createAndGo(4) - Accept row values and activate.
createAndWait(5) - Accept row values and wait.
destroy(6) - Set to this value to remove this user account."
::= { hm2UserConfigEntry 9 }
hm2UserSnmpAuthPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"SNMPv3 user authentication password
This object will always return '********' when read.
The minimum size of the password is defined with the
hm2PwdMgmtMinLength object. The SNMPv3 user authentication
password can be set while the row is active."
DEFVAL { "" }
::= { hm2UserConfigEntry 10 }
hm2UserSnmpEncPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"SNMPv3 user encryption password
This object will always return '********' when read.
The minimum size of the password is defined with the
hm2PwdMgmtMinLength object. The SNMPv3 user encryption
password can be set while the row is active."
DEFVAL { "" }
::= { hm2UserConfigEntry 11 }
--
-- ******************************************************************
-- hm2UserStatusGroup
-- ******************************************************************
--
hm2UserStatusGroup OBJECT IDENTIFIER ::= { hm2UserConfigGroup 10 }
hm2UserLastUserCreated OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0|1..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Name of the last user created in hm2UserConfigTable."
::= { hm2UserStatusGroup 1 }
hm2UserLastUserDeleted OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0|1..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Name of the last user deleted in hm2UserConfigTable."
::= { hm2UserStatusGroup 2 }
hm2UserForcePasswordStatus OBJECT-TYPE
SYNTAX HmEnabledStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If enabled, then the password must be changed on first management access to the device.
This value is only set from internal component."
DEFVAL { enable }
::= { hm2UserStatusGroup 3 }
--
--**************************************************************************************
-- hm2UserCustomGroup
--**************************************************************************************
--
hm2UserCustomGroup OBJECT IDENTIFIER ::= { hm2UserConfigGroup 20 }
--
-- hm2UserCustomAccessRole2NameTable
--
hm2UserCustomAccessRole2NameTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hm2UserCustomAccessRole2NameEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Custom based role to name mapping."
::= { hm2UserCustomGroup 1 }
hm2UserCustomAccessRole2NameEntry OBJECT-TYPE
SYNTAX Hm2UserCustomAccessRole2NameEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The hm2UserCustomAccessRole2NameEntry."
INDEX { hm2UserCustomAccessRole }
::= { hm2UserCustomAccessRole2NameTable 1 }
Hm2UserCustomAccessRole2NameEntry ::=
SEQUENCE {
hm2UserCustomAccessRole Hm2UserCustomAccessRoles,
hm2UserCustomAccessRoleName SnmpAdminString,
hm2UserCustomAccessRoleStatus RowStatus
}
hm2UserCustomAccessRole OBJECT-TYPE
SYNTAX Hm2UserCustomAccessRoles
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Custom based roles."
::= { hm2UserCustomAccessRole2NameEntry 1 }
hm2UserCustomAccessRoleName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Custom based role name."
::= { hm2UserCustomAccessRole2NameEntry 2 }
hm2UserCustomAccessRoleStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Custom-based role to name command row status.
active(1) - This user account is active.
notInService(2) - Row has been suspended.
notReady(3) - Row has incomplete values.
createAndGo(4) - Accept row values and activate.
createAndWait(5) - Accept row values and wait.
destroy(6) - Set to this value to remove this role to name entry."
::= { hm2UserCustomAccessRole2NameEntry 3 }
--
-- hm2UserCustomCliCmdInheritTable
--
hm2UserCustomCliCmdInheritTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hm2UserCustomCliCmdInheritEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Base access role from which the custom-based CLI commands are inherited from."
::= { hm2UserCustomGroup 2 }
hm2UserCustomCliCmdInheritEntry OBJECT-TYPE
SYNTAX Hm2UserCustomCliCmdInheritEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The hm2UserCustomCliCmdInheritEntry."
INDEX { hm2UserCustomAccessRole }
::= { hm2UserCustomCliCmdInheritTable 1 }
Hm2UserCustomCliCmdInheritEntry ::=
SEQUENCE {
hm2UserCustomCliBaseAccessRole Hm2UserAccessRoles,
hm2UserCustomCliBaseAccessRoleStatus RowStatus
}
hm2UserCustomCliBaseAccessRole OBJECT-TYPE
SYNTAX Hm2UserAccessRoles
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The base access role the new CLI command is inherited from."
DEFVAL { guest }
::= { hm2UserCustomCliCmdInheritEntry 1 }
hm2UserCustomCliBaseAccessRoleStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Custom-based CLI base access role command row status.
active(1) - This user account is active.
notInService(2) - Row has been suspended.
notReady(3) - Row has incomplete values.
createAndGo(4) - Accept row values and activate.
createAndWait(5) - Accept row values and wait.
destroy(6) - Set to this value to remove this role to name entry."
::= { hm2UserCustomCliCmdInheritEntry 2 }
--
-- hm2UserCustomCliCmdTable
--
hm2UserCustomCliCmdTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hm2UserCustomCliCmdEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing the custom-based CLI commands."
::= { hm2UserCustomGroup 3 }
hm2UserCustomCliCmdEntry OBJECT-TYPE
SYNTAX Hm2UserCustomCliCmdEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entries of the table."
INDEX { hm2UserCustomAccessRole, hm2UserCustomCliExecMode, hm2UserCustomCliIndex }
::= { hm2UserCustomCliCmdTable 1 }
Hm2UserCustomCliCmdEntry ::=
SEQUENCE {
hm2UserCustomCliExecMode Hm2UserCliExecModes,
hm2UserCustomCliIndex Integer32,
hm2UserCustomCliCommand SnmpAdminString,
hm2UserCustomCliType INTEGER,
hm2UserCustomCliStatus RowStatus
}
hm2UserCustomCliExecMode OBJECT-TYPE
SYNTAX Hm2UserCliExecModes
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"CLI exec mode."
::= { hm2UserCustomCliCmdEntry 1 }
hm2UserCustomCliIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index of the custom based CLI commands."
::= { hm2UserCustomCliCmdEntry 2 }
hm2UserCustomCliCommand OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The custom based CLI command to be assigned."
::= { hm2UserCustomCliCmdEntry 3 }
hm2UserCustomCliType OBJECT-TYPE
SYNTAX INTEGER
{
included (1),
excluded (2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The custom based CLI command to be included or excluded in respect to the base role."
::= { hm2UserCustomCliCmdEntry 4 }
hm2UserCustomCliStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Custom-based CLI command row status.
active(1) - This user account is active.
notInService(2) - Row has been suspended.
notReady(3) - Row has incomplete values.
createAndGo(4) - Accept row values and activate.
createAndWait(5) - Accept row values and wait.
destroy(6) - Set to this value to remove this CLI command entry."
::= { hm2UserCustomCliCmdEntry 5 }
--
-- *************************************************************
-- hm2PwdMgmtGroup
-- *************************************************************
--
hm2PwdMgmtMinLength OBJECT-TYPE
SYNTAX Integer32 (1..64)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Minimum length for user passwords
All new local user passwords must be at least this many characters in length.
"
DEFVAL { 6 }
::= { hm2PwdMgmtGroup 1 }
hm2PwdMgmtLoginAttempts OBJECT-TYPE
SYNTAX Integer32 (0..5)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The number of allowable failed local authentication attempts before the user's
account is locked. A value of '0' indicates that user accounts will never be locked."
DEFVAL { 0 }
::= { hm2PwdMgmtGroup 2 }
hm2PwdMgmtMinUpperCase OBJECT-TYPE
SYNTAX Integer32 (0..16)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The number of minimum allowable uppercase letters in a
password. Minimum of '0' means no restriction on that set
of characters."
DEFVAL { 1 }
::= { hm2PwdMgmtGroup 3 }
hm2PwdMgmtMinLowerCase OBJECT-TYPE
SYNTAX Integer32 (0..16)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The number of minimum allowable lowercase letters in a
password. Minimum of '0' means no restriction on that set
of characters."
DEFVAL { 1 }
::= { hm2PwdMgmtGroup 4 }
hm2PwdMgmtMinNumericNumbers OBJECT-TYPE
SYNTAX Integer32 (0..16)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The number of minimum allowable numeric numbers in a
password. Minimum of '0' means no restriction on that set
of characters."
DEFVAL { 1 }
::= { hm2PwdMgmtGroup 5 }
hm2PwdMgmtMinSpecialCharacters OBJECT-TYPE
SYNTAX Integer32 (0..16)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The number of minimum allowable special characters in a
password. Minimum of '0' means no restriction on that set
of characters.
The following special characters are allowed:
!#$%&'()*+,-./:;<=>?@[\\]^_`{}~"
DEFVAL { 1 }
::= { hm2PwdMgmtGroup 6 }
hm2PwdMgmtLoginAttemptsTimePeriod OBJECT-TYPE
SYNTAX Integer32 (0..60)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The period of time after the number of allowable failed
local authentication attempts is reset. A value of '0'
indicates that the number of attempts is never reset."
DEFVAL { 0 }
::= { hm2PwdMgmtGroup 7 }
--
-- *************************************************************
-- hm2PwdMgmtDefaultPwdStatusGroup
-- *************************************************************
--
hm2PwdMgmtDefaultPwdStatusGroup OBJECT IDENTIFIER ::= { hm2PwdMgmtGroup 100 }
hm2PwdMgmtDefaultPwdActive OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Shows if one or more default passwords are active for
users configured in the hm2UserConfigTable.
The hm2PwdMgmtDefaultPwdStatusTable shows for which
users the default password is currently actice."
::= { hm2PwdMgmtDefaultPwdStatusGroup 1 }
--
-- *************************************************************
-- hm2PwdMgmtDefaultPwdStatusTable
-- *************************************************************
--
hm2PwdMgmtDefaultPwdStatusTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hm2PwdMgmtDefaultPwdStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table showing for which users defined in hm2UserConfigTable the
default password has not been changed."
::= { hm2PwdMgmtDefaultPwdStatusGroup 100 }
hm2PwdMgmtDefaultPwdStatusEntry OBJECT-TYPE
SYNTAX Hm2PwdMgmtDefaultPwdStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Entry."
INDEX { hm2PwdMgmtDefaultPwdStatusIndex }
::= { hm2PwdMgmtDefaultPwdStatusTable 1 }
Hm2PwdMgmtDefaultPwdStatusEntry ::= SEQUENCE {
hm2PwdMgmtDefaultPwdStatusIndex Integer32,
hm2PwdMgmtDefaultPwdStatusUserName SnmpAdminString
}
hm2PwdMgmtDefaultPwdStatusIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index for the table."
::= { hm2PwdMgmtDefaultPwdStatusEntry 1 }
hm2PwdMgmtDefaultPwdStatusUserName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The name of the default user for which the default password has not
been changed."
::= { hm2PwdMgmtDefaultPwdStatusEntry 2 }
--**************************************************************************************
-- hm2UserApplicationListGroup
--**************************************************************************************
hm2UserApplicationListTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hm2UserApplicationListEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table provides the functionality the system uses to assign an
authentication list to an application.
All objects in this table can be set while a row is 'active'."
::= { hm2UserApplicationListGroup 1 }
hm2UserApplicationListEntry OBJECT-TYPE
SYNTAX Hm2UserApplicationListEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Application list entry."
INDEX { IMPLIED hm2UserApplicationListName }
::= { hm2UserApplicationListTable 1 }
Hm2UserApplicationListEntry ::= SEQUENCE {
hm2UserApplicationListName
SnmpAdminString,
hm2UserApplicationListAuthListName
SnmpAdminString,
hm2UserApplicationListStatus
RowStatus
}
hm2UserApplicationListName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Application list name."
::= { hm2UserApplicationListEntry 1 }
hm2UserApplicationListAuthListName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The authentication list used for this application to authenticate
to the system.
The application authentication list can be set while the row is active."
::= { hm2UserApplicationListEntry 6 }
hm2UserApplicationListStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Application row status.
active(1) - This user account is active.
notInService(2) - Row has been suspended.
notReady(3) - Row has incomplete values.
createAndGo(4) - Accept row values and activate.
createAndWait(5) - Accept row values and wait.
destroy(6) - Set to this value to remove this application list entry."
::= { hm2UserApplicationListEntry 7 }
--**************************************************************************************
-- hm2UserAuthListGroup
--**************************************************************************************
hm2UserAuthListTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hm2UserAuthListEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The hm2UserAuthListTable contains the policies a user authenticates to the system.
Each entry in the table can contain up to 5 policies."
::= { hm2UserAuthListGroup 1 }
hm2UserAuthListEntry OBJECT-TYPE
SYNTAX Hm2UserAuthListEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The hm2UserAuthListEntry."
INDEX { IMPLIED hm2UserAuthListName }
::= { hm2UserAuthListTable 1 }
Hm2UserAuthListEntry ::=
SEQUENCE {
hm2UserAuthListName
SnmpAdminString,
hm2UserAuthListPolicy1
Hm2UserAuthList,
hm2UserAuthListPolicy2
Hm2UserAuthList,
hm2UserAuthListPolicy3
Hm2UserAuthList,
hm2UserAuthListPolicy4
Hm2UserAuthList,
hm2UserAuthListPolicy5
Hm2UserAuthList,
hm2UserAuthListStatus
RowStatus
}
hm2UserAuthListName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Authentication list index.
Unique name used for indexing into this table."
::= { hm2UserAuthListEntry 1 }
hm2UserAuthListPolicy1 OBJECT-TYPE
SYNTAX Hm2UserAuthList
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Authentication list policy 1.
Configures the first authentication policy to use when this list is
specified.
- local -> authentication is done through local user database
- radius -> authentication is done through a RADIUS server
- ias -> authentication is done through a (i)ntegrated (a)uthentication (s)erver
- cam -> authentication is done through a CAM server (via LDAP)
- ldap -> authentication is done through a AD server (via LDAP)
- reject -> authentication is rejected/not allowed.
Note: If a policy is set to 'reject' further policies are ignored."
DEFVAL { local }
::= { hm2UserAuthListEntry 2 }
hm2UserAuthListPolicy2 OBJECT-TYPE
SYNTAX Hm2UserAuthList
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Authentication list policy 2.
Configures the first authentication policy to use when this list is
specified.
- local -> authentication is done through local user database
- radius -> authentication is done through a RADIUS server
- ias -> authentication is done through a (i)ntegrated (a)uthentication (s)erver
- cam -> authentication is done through a CAM server (via LDAP)
- ldap -> authentication is done through a AD server (via LDAP)
- reject -> authentication is rejected/not allowed
Note: If a policy is set to 'reject' further policies are ignored."
DEFVAL { reject }
::= { hm2UserAuthListEntry 3 }
hm2UserAuthListPolicy3 OBJECT-TYPE
SYNTAX Hm2UserAuthList
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Authentication list policy 3.
Configures the first authentication policy to use when this list is
specified.
- local -> authentication is done through local user database
- radius -> authentication is done through a RADIUS server
- ias -> authentication is done through a (i)ntegrated (a)uthentication (s)erver
- cam -> authentication is done through a CAM server (via LDAP)
- ldap -> authentication is done through a AD server (via LDAP)
- reject -> authentication is rejected/not allowed
Note: If a policy is set to 'reject' further policies are ignored."
DEFVAL { reject }
::= { hm2UserAuthListEntry 4 }
hm2UserAuthListPolicy4 OBJECT-TYPE
SYNTAX Hm2UserAuthList
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Authentication list policy 4.
Configures the first authentication policy to use when this list is
specified.
- local -> authentication is done through local user database
- radius -> authentication is done through a RADIUS server
- ias -> authentication is done through a (i)ntegrated (a)uthentication (s)erver
- cam -> authentication is done through a CAM server (via LDAP)
- ldap -> authentication is done through a AD server (via LDAP)
- reject -> authentication is rejected/not allowed
Note: If a policy is set to 'reject' further policies are ignored."
DEFVAL { reject }
::= { hm2UserAuthListEntry 5 }
hm2UserAuthListPolicy5 OBJECT-TYPE
SYNTAX Hm2UserAuthList
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Authentication list policy 5.
Configures the first authentication policy to use when this list is
specified.
- local -> authentication is done through local user database
- radius -> authentication is done through a RADIUS server
- ias -> authentication is done through a (i)ntegrated (a)uthentication (s)erver
- cam -> authentication is done through a CAM server (via LDAP)
- ldap -> authentication is done through a AD server (via LDAP)
- reject -> authentication is rejected/not allowed
Note: If a policy is set to 'reject' further policies are ignored."
DEFVAL { reject }
::= { hm2UserAuthListEntry 6 }
hm2UserAuthListStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of the authentication list.
active(1) - This entry is active.
notInService(2) - Row has been suspended.
notReady(3) - Row has incomplete values.
createAndGo(4) - Accept row values and activate.
createAndWait(5) - Accept row values and wait.
destroy(6) - Set to this value to remove this authentication list."
::= { hm2UserAuthListEntry 7 }
--**************************************************************************************
-- hm2UserIasGroup
--**************************************************************************************
hm2UserIasTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hm2UserIasEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"(I)ntegrated (A)uthentication (S)erver."
::= { hm2UserIasGroup 1 }
hm2UserIasEntry OBJECT-TYPE
SYNTAX Hm2UserIasEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The hm2UserIasEntry."
INDEX { IMPLIED hm2UserIasUserName }
::= { hm2UserIasTable 1 }
Hm2UserIasEntry ::=
SEQUENCE {
hm2UserIasUserName
SnmpAdminString,
hm2UserIasUserPassword
DisplayString,
hm2UserIasUserStatus
RowStatus
}
hm2UserIasUserName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The (I)ntegrated (A)uthentication (S)erver user name."
::= { hm2UserIasEntry 1 }
hm2UserIasUserPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The (I)ntegrated (A)uthentication (S)erver user password.
This object will always return '********' when read.
The user password can be set while the row is active.
"
DEFVAL { "" }
::= { hm2UserIasEntry 2 }
hm2UserIasUserStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of the IAS users.
active(1) - This entry is active.
notInService(2) - Row has been suspended.
notReady(3) - Row has incomplete values.
createAndGo(4) - Accept row values and activate.
createAndWait(5) - Accept row values and wait.
destroy(6) - Set to this value to remove this IAS entry."
::= { hm2UserIasEntry 3 }
--
-- ***********************************************************
-- hm2UserMgmtMibNotifications
-- ***********************************************************
--
hm2UserCreatedTrap NOTIFICATION-TYPE
OBJECTS { hm2UserLastUserCreated }
STATUS current
DESCRIPTION
"This notification is send when a new user is added to the hm2UserConfigTable."
::= { hm2UserMgmtMibNotifications 1 }
hm2UserDeletedTrap NOTIFICATION-TYPE
OBJECTS { hm2UserLastUserDeleted }
STATUS current
DESCRIPTION
"This notification is send when a user is deleted from the hm2UserConfigTable."
::= { hm2UserMgmtMibNotifications 2 }
hm2UserLockedTrap NOTIFICATION-TYPE
OBJECTS { hm2UserName, hm2UserLockoutStatus }
STATUS current
DESCRIPTION
"This notification is send when a user is locked due to excessive failed login attempts."
::= { hm2UserMgmtMibNotifications 3 }
hm2UserPwdChangedTrap NOTIFICATION-TYPE
OBJECTS { hm2UserName }
STATUS current
DESCRIPTION
"This notification is send when a password for a user is changed."
::= { hm2UserMgmtMibNotifications 4 }
hm2UserPwdPolicyChkChangedTrap NOTIFICATION-TYPE
OBJECTS { hm2UserName, hm2UserPwdPolicyChk }
STATUS current
DESCRIPTION
"This notification is send when the password policy for a user is changed."
::= { hm2UserMgmtMibNotifications 5 }
hm2UserPwdChangedSnmpv3AuthTrap NOTIFICATION-TYPE
OBJECTS { hm2UserName }
STATUS current
DESCRIPTION
"This notification is send when a SNMPv3 authentication password for an user is changed."
::= { hm2UserMgmtMibNotifications 6 }
hm2UserPwdChangedSnmpv3EncTrap NOTIFICATION-TYPE
OBJECTS { hm2UserName }
STATUS current
DESCRIPTION
"This notification is send when a SNMPv3 encryption password for an user is changed."
::= { hm2UserMgmtMibNotifications 7 }
hm2UserMgmtMibSNMPExtensionGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMib 3 }
-- ***********************************************************
-- hm2UserMgmtMibSNMPExtensionGroup
-- ***********************************************************
hm2UserMgmtGlobalSESGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibSNMPExtensionGroup 1 }
hm2UserMgmtUserSESGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibSNMPExtensionGroup 2 }
hm2UserMgmtApplSESGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibSNMPExtensionGroup 3 }
hm2UserMgmtAuthSESGroup OBJECT IDENTIFIER ::= { hm2UserMgmtMibSNMPExtensionGroup 4 }
-- ***********************************************************
-- hm2UserMgmtGlobalSESGroup
-- ***********************************************************
hm2UserMgmtGlobalSESLenCharset OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen entry name uses not allowed character(s).
Allowed are alphanumerical characters and name size from 1 to 32."
::= { hm2UserMgmtGlobalSESGroup 1 }
hm2UserMgmtGlobalSESPwdLenCharset OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen password is incorrect.
Check character set, length, policy matching (if
password policy checker is enabled)."
::= { hm2UserMgmtGlobalSESGroup 2 }
-- ***********************************************************
-- hm2UserMgmtUserSESGroup
-- ***********************************************************
hm2UserMgmtUserSESActivate OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen user entry can not be activated.
Be sure that a user password has been successfully set before."
::= { hm2UserMgmtUserSESGroup 1 }
hm2UserMgmtUserSESDeactivate OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen user entry can not be deactivated.
Be sure that this user is not the last active admin on the device."
::= { hm2UserMgmtUserSESGroup 2 }
hm2UserMgmtUserSESActivateExisting OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen user entry can not be activated.
Be sure that a user password has been successfully set before.
Also check SNMP notification user table for entries with the same name."
::= { hm2UserMgmtUserSESGroup 3 }
-- ***********************************************************
-- hm2UserMgmtApplSESGroup
-- ***********************************************************
hm2UserMgmtApplSESAddDel OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen entry can not be added or deleted.
Notice that application lists can neither be added nor deleted."
::= { hm2UserMgmtApplSESGroup 1 }
hm2UserMgmtApplSESDeactivate OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen entry can not be deactivated.
Be sure that this list is not referenced to an authentication list
(hm2UserApplicationListAuthListName has to be set to a zero length string)."
::= { hm2UserMgmtApplSESGroup 2 }
hm2UserMgmtApplSESAuthDeactivated OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen entry can not be allocated to authentication list.
Authentication list is deactivated. Application list can not be allocated to
deactivated authentication list."
::= { hm2UserMgmtApplSESGroup 3 }
-- ***********************************************************
-- hm2UserMgmtAuthSESGroup
-- ***********************************************************
hm2UserMgmtAuthSESDuplPolicy OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen policy of this entry can not be set twice.
Be sure that a policy is set only once per authentication list
(exception: the policy 'reject' can be set several times)."
::= { hm2UserMgmtAuthSESGroup 1 }
hm2UserMgmtAuthSESDeactivate OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Indicates that the chosen entry can not be deactivated.
Be sure that this list is not referenced by an apllication list
(hm2UserApplicationListAuthListName is not set to this authentication
list name)."
::= { hm2UserMgmtAuthSESGroup 2 }
END
View Git Blame Copy Permalink