TIMETRA-LDAP-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
InetAddress, InetAddressType
|
|
FROM INET-ADDRESS-MIB
|
|
MODULE-COMPLIANCE, NOTIFICATION-GROUP,
|
|
OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
MODULE-IDENTITY, NOTIFICATION-TYPE,
|
|
OBJECT-TYPE, Unsigned32
|
|
FROM SNMPv2-SMI
|
|
DisplayString, RowStatus, TimeStamp,
|
|
TruthValue
|
|
FROM SNMPv2-TC
|
|
timetraSRMIBModules, tmnxSRConfs,
|
|
tmnxSRNotifyPrefix, tmnxSRObjs
|
|
FROM TIMETRA-GLOBAL-MIB
|
|
TNamedItemOrEmpty, TTcpUdpPort,
|
|
TmnxAdminState, TmnxLongDisplayString,
|
|
TmnxOperState
|
|
FROM TIMETRA-TC-MIB
|
|
;
|
|
|
|
timetraLdapMIBModule MODULE-IDENTITY
|
|
LAST-UPDATED "201602010000Z"
|
|
ORGANIZATION "Nokia"
|
|
CONTACT-INFO
|
|
"Nokia SROS Support
|
|
Web: http://www.nokia.com"
|
|
DESCRIPTION
|
|
"This document is the SNMP MIB module for the Nokia SROS implementation
|
|
of LDAP.
|
|
|
|
Copyright 2003-2018 Nokia. All rights reserved. Reproduction of this
|
|
document is authorized on the condition that the foregoing copyright
|
|
notice is included.
|
|
|
|
This SNMP MIB module (Specification) embodies Nokia's
|
|
proprietary intellectual property. Nokia retains all
|
|
title and ownership in the Specification, including any
|
|
revisions.
|
|
|
|
Nokia grants all interested parties a non-exclusive license to use and
|
|
distribute an unmodified copy of this Specification in connection with
|
|
management of Nokia products, and without fee, provided this copyright
|
|
notice and license appear on all copies.
|
|
|
|
This Specification is supplied `as is', and Nokia makes no warranty,
|
|
either express or implied, as to the use, operation, condition, or
|
|
performance of the Specification."
|
|
|
|
REVISION "201602010000Z"
|
|
DESCRIPTION
|
|
"Rev 14.0 1 Feb 2016 00:00
|
|
Initial version of the TIMETRA-LDAP-MIB."
|
|
|
|
::= { timetraSRMIBModules 106 }
|
|
|
|
tmnxLdapObjs OBJECT IDENTIFIER ::= { tmnxSRObjs 106 }
|
|
|
|
tmnxLdapScalarObjs OBJECT IDENTIFIER ::= { tmnxLdapObjs 1 }
|
|
|
|
tmnxLdapScalarStatsObjs OBJECT IDENTIFIER ::= { tmnxLdapScalarObjs 1 }
|
|
|
|
tmnxLdapServerTableLastChanged OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerTableLastChanged indicates the
|
|
timestamp of the last change to the tmnxLdapServerTable.
|
|
|
|
A value of 0 indicates that no changes were made to this table since
|
|
the system was last initialized."
|
|
::= { tmnxLdapScalarStatsObjs 1 }
|
|
|
|
tmnxLdapScalarConfigObjs OBJECT IDENTIFIER ::= { tmnxLdapScalarObjs 2 }
|
|
|
|
tmnxLdapAdminState OBJECT-TYPE
|
|
SYNTAX TmnxAdminState
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapAdminState specifies the desired
|
|
administrative state of the LDAP protocol operation. The value 'noop'
|
|
is never allowed."
|
|
DEFVAL { inService }
|
|
::= { tmnxLdapScalarConfigObjs 1 }
|
|
|
|
tmnxLdapOperState OBJECT-TYPE
|
|
SYNTAX TmnxOperState
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapOperState indicates the operational
|
|
state of the LDAP protocol.
|
|
|
|
If the value is 'outOfService' then the LDAP protocol is not available
|
|
for use. If the value is 'inService' then the LDAP protocol is
|
|
available for use. The value will be 'inService' if the value of the
|
|
object tmnxLdapServerOperState of at least one LDAP server is
|
|
'inService'.
|
|
|
|
If the value of this object changes from 'outOfService' to 'inService'
|
|
or from 'inService' to 'outOfService' then a tmnxLdapOperStateChange
|
|
notification will be sent."
|
|
::= { tmnxLdapScalarConfigObjs 2 }
|
|
|
|
tmnxLdapRetryAttempts OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..10)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapRetryAttempts specifies the number of
|
|
times an attempt to connect to an LDAP server should be retried."
|
|
DEFVAL { 3 }
|
|
::= { tmnxLdapScalarConfigObjs 3 }
|
|
|
|
tmnxLdapTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..90)
|
|
UNITS "Seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapTimeout specifies the number of
|
|
seconds to wait before timing out an LDAP server connection attempt."
|
|
DEFVAL { 3 }
|
|
::= { tmnxLdapScalarConfigObjs 4 }
|
|
|
|
-- Read-write scalar controlling the fallback taken when the LDAP server
-- returns no user profile data: with 'true' (the default) the LDAP user
-- template is applied to the LDAP user.
-- NOTE(review): the privileges carried by the LDAP user template are defined
-- outside this module. With the default of 'true' they presumably apply to
-- any LDAP user for whom the server returns no profile data, so review the
-- template for least privilege and confirm the exact fallback behaviour.
tmnxLdapUseTemplate OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapUseTemplate specifies whether the LDAP
|
|
user template is actively applied to the LDAP user, if no user profile
|
|
data are returned from the LDAP server."
|
|
DEFVAL { true }
|
|
::= { tmnxLdapScalarConfigObjs 5 }
|
|
|
|
-- Read-write scalar selecting the authentication method: 'true' uses an SSH
-- public key, 'false' (the default) uses LDAP.
-- NOTE(review): the description does not say where the public key is obtained
-- from or which session types are affected; confirm against the product
-- documentation. A SET on this object changes how users are authenticated,
-- so write access to it should be limited to administrative SNMP users.
tmnxLdapPublicKeyAuthentication OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapPublicKeyAuthentication specifies
|
|
whether to use SSH public key ('true') or LDAP ('false') for
|
|
authentication."
|
|
DEFVAL { false }
|
|
::= { tmnxLdapScalarConfigObjs 6 }
|
|
|
|
tmnxLdapConfigObjs OBJECT IDENTIFIER ::= { tmnxLdapObjs 2 }
|
|
|
|
tmnxLdapServerTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxLdapServerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxLdapServerEntry has an entry for each LDAP server connection.
|
|
The table can have up to a maximum of 5 entries."
|
|
::= { tmnxLdapConfigObjs 1 }
|
|
|
|
tmnxLdapServerEntry OBJECT-TYPE
|
|
SYNTAX TmnxLdapServerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"tmnxLdapServerEntry is an entry (conceptual row) in the
|
|
tmnxLdapServerTable. Each entry represents the configuration for an
|
|
LDAP server connection.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tmnxLdapServerRowStatus."
|
|
INDEX { tmnxLdapServerIndex }
|
|
::= { tmnxLdapServerTable 1 }
|
|
|
|
TmnxLdapServerEntry ::= SEQUENCE
|
|
{
|
|
tmnxLdapServerIndex Unsigned32,
|
|
tmnxLdapServerLastChanged TimeStamp,
|
|
tmnxLdapServerRowStatus RowStatus,
|
|
tmnxLdapServerAdminState TmnxAdminState,
|
|
tmnxLdapServerOperState TmnxOperState,
|
|
tmnxLdapServerInetAddressType InetAddressType,
|
|
tmnxLdapServerInetAddress InetAddress,
|
|
tmnxLdapServerPort TTcpUdpPort,
|
|
tmnxLdapServerBindAuthRootDn TmnxLongDisplayString,
|
|
tmnxLdapServerBindAuthPassword DisplayString,
|
|
tmnxLdapServerName TNamedItemOrEmpty,
|
|
tmnxLdapServerSearch TmnxLongDisplayString,
|
|
tmnxLdapServerTlsProfile TNamedItemOrEmpty
|
|
}
|
|
|
|
tmnxLdapServerIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..5)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerIndex specifies a unique LDAP
|
|
server connection."
|
|
::= { tmnxLdapServerEntry 1 }
|
|
|
|
tmnxLdapServerLastChanged OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerLastChanged indicates the
|
|
timestamp of the last change to this row in tmnxLdapServerTable."
|
|
::= { tmnxLdapServerEntry 2 }
|
|
|
|
tmnxLdapServerRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerRowStatus specifies the status
|
|
of the conceptual row in tmnxLdapServerTable. Rows are created and
|
|
destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tmnxLdapServerEntry 3 }
|
|
|
|
tmnxLdapServerAdminState OBJECT-TYPE
|
|
SYNTAX TmnxAdminState
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerAdminState specifies the desired
|
|
administrative state of the LDAP server connection. The value 'noop'
|
|
is never allowed."
|
|
DEFVAL { outOfService }
|
|
::= { tmnxLdapServerEntry 4 }
|
|
|
|
tmnxLdapServerOperState OBJECT-TYPE
|
|
SYNTAX TmnxOperState
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerOperState indicates the
|
|
operational state of this LDAP server connection. The value of this
|
|
object is updated periodically if the health check functionality is
|
|
enabled; otherwise its value is updated when a connection to the LDAP
|
|
server is attempted.
|
|
|
|
If the value is 'outOfService' then this LDAP server connection is not
|
|
available for use. If the value is 'inService' then this LDAP server
|
|
connection is available for use.
|
|
|
|
If the value of this object changes from 'outOfService' to 'inService'
|
|
or from 'inService' to 'outOfService' then a
|
|
tmnxLdapServerOperStateChange notification will be sent."
|
|
::= { tmnxLdapServerEntry 5 }
|
|
|
|
tmnxLdapServerInetAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerInetAddressType specifies the
|
|
address type of tmnxLdapServerInetAddress.
|
|
|
|
The value of tmnxLdapServerInetAddressType can be one of the
|
|
InetAddressType values 'unknown', 'ipv4' or
|
|
'ipv6'."
|
|
DEFVAL { unknown }
|
|
::= { tmnxLdapServerEntry 6 }
|
|
|
|
tmnxLdapServerInetAddress OBJECT-TYPE
|
|
SYNTAX InetAddress (SIZE (0|4|16))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerInetAddress specifies the IP
|
|
address of the LDAP server."
|
|
DEFVAL { ''H }
|
|
::= { tmnxLdapServerEntry 7 }
|
|
|
|
-- Destination port used to contact this LDAP server; valid range 1..65535,
-- default 389.
-- NOTE(review): 389 is the registered port for LDAP without implicit TLS.
-- Whether a session on this port is encrypted presumably depends on
-- tmnxLdapServerTlsProfile; this module does not say, so confirm it before
-- relying on the default for a connection that carries bind credentials.
tmnxLdapServerPort OBJECT-TYPE
|
|
SYNTAX TTcpUdpPort (1..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerPort specifies the number of IP
|
|
port on which to contact the LDAP server."
|
|
DEFVAL { 389 }
|
|
::= { tmnxLdapServerEntry 8 }
|
|
|
|
tmnxLdapServerBindAuthRootDn OBJECT-TYPE
|
|
SYNTAX TmnxLongDisplayString (SIZE (0..512))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerBindAuthRootDn specifies the
|
|
distinguished name used to authenticate with the LDAP server."
|
|
DEFVAL { ''H }
|
|
::= { tmnxLdapServerEntry 9 }
|
|
|
|
-- Bind credential for this LDAP server connection, held as a DisplayString of
-- 0..128 octets with an empty-string default.
-- MAX-ACCESS is read-create, so an SNMP manager can set this column, and the
-- SMI access level also permits reads.
-- NOTE(review): this module does not state what a GET returns (the stored
-- value, an obfuscated form, or an empty string); confirm against the agent.
-- Until that is known, treat the column as a secret: exclude it from VACM
-- views readable by general monitoring users, and carry SETs over SNMPv3
-- with authentication and privacy rather than community-based SNMP.
tmnxLdapServerBindAuthPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..128))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerBindAuthPassword specifies the
|
|
password used to authenticate with the LDAP server."
|
|
DEFVAL { ''H }
|
|
::= { tmnxLdapServerEntry 10 }
|
|
|
|
tmnxLdapServerName OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerName specifies the name assigned
|
|
to this LDAP server by a user."
|
|
DEFVAL { ''H }
|
|
::= { tmnxLdapServerEntry 11 }
|
|
|
|
tmnxLdapServerSearch OBJECT-TYPE
|
|
SYNTAX TmnxLongDisplayString (SIZE (0..512))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerSearch specifies the base
|
|
distinguished name for a search of user credentials."
|
|
DEFVAL { ''H }
|
|
::= { tmnxLdapServerEntry 12 }
|
|
|
|
-- Name of the TLS certificate profile used by this LDAP server connection;
-- the default is the empty string.
-- NOTE(review): the module does not define what an empty profile name means.
-- Presumably the connection then runs without TLS, which would put the bind
-- DN and tmnxLdapServerBindAuthPassword on the wire unprotected; confirm,
-- and audit rows where this column is empty. The profile itself, including
-- how the server certificate is validated, is defined outside this module.
tmnxLdapServerTlsProfile OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tmnxLdapServerTlsProfile specifies a TLS
|
|
certificate profile name used by this LDAP server connection."
|
|
DEFVAL { ''H }
|
|
::= { tmnxLdapServerEntry 13 }
|
|
|
|
tmnxLdapStatsObjs OBJECT IDENTIFIER ::= { tmnxLdapObjs 3 }
|
|
|
|
tmnxLdapNotificationObjs OBJECT IDENTIFIER ::= { tmnxLdapObjs 10 }
|
|
|
|
tmnxLdapConformance OBJECT IDENTIFIER ::= { tmnxSRConfs 106 }
|
|
|
|
tmnxLdapCompliances OBJECT IDENTIFIER ::= { tmnxLdapConformance 1 }
|
|
|
|
tmnxLdapCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for the management of the LDAP feature on
|
|
Nokia SROS series systems."
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
tmnxLdapInitialGroup,
|
|
tmnxLdapNotifyGroup
|
|
}
|
|
::= { tmnxLdapCompliances 1 }
|
|
|
|
tmnxLdapGroups OBJECT IDENTIFIER ::= { tmnxLdapConformance 2 }
|
|
|
|
tmnxLdapInitialGroups OBJECT IDENTIFIER ::= { tmnxLdapGroups 1 }
|
|
|
|
tmnxLdapInitialGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tmnxLdapAdminState,
|
|
tmnxLdapOperState,
|
|
tmnxLdapRetryAttempts,
|
|
tmnxLdapTimeout,
|
|
tmnxLdapUseTemplate,
|
|
tmnxLdapPublicKeyAuthentication,
|
|
tmnxLdapServerTableLastChanged,
|
|
tmnxLdapServerLastChanged,
|
|
tmnxLdapServerRowStatus,
|
|
tmnxLdapServerAdminState,
|
|
tmnxLdapServerOperState,
|
|
tmnxLdapServerInetAddressType,
|
|
tmnxLdapServerInetAddress,
|
|
tmnxLdapServerPort,
|
|
tmnxLdapServerBindAuthRootDn,
|
|
tmnxLdapServerBindAuthPassword,
|
|
tmnxLdapServerName,
|
|
tmnxLdapServerSearch,
|
|
tmnxLdapServerTlsProfile
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of objects supporting management of LDAP capabilities on
|
|
Nokia SROS series systems."
|
|
::= { tmnxLdapInitialGroups 1 }
|
|
|
|
tmnxLdapNotifyGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
tmnxLdapOperStateChange,
|
|
tmnxLdapServerOperStateChange
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of notifications supporting the LDAP feature on Nokia SROS
|
|
systems."
|
|
::= { tmnxLdapInitialGroups 2 }
|
|
|
|
tmnxLdapNotifyPrefix OBJECT IDENTIFIER ::= { tmnxSRNotifyPrefix 106 }
|
|
|
|
tmnxLdapNotifications OBJECT IDENTIFIER ::= { tmnxLdapNotifyPrefix 0 }
|
|
|
|
tmnxLdapOperStateChange NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxLdapOperState
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE]The tmnxLdapOperStateChange notification is generated when the
|
|
tmnxLdapOperState has transitioned either from 'outOfService' to
|
|
'inService' or from 'inService' to 'outOfService' state.
|
|
|
|
[EFFECT]If tmnxLdapOperState has transitioned to 'outOfService' state
|
|
then the LDAP protocol is not available for use. If tmnxLdapOperState
|
|
has transitioned to 'inService' state then the LDAP protocol is
|
|
available for use.
|
|
|
|
[RECOVERY]If the new state corresponds to the value of
|
|
tmnxLdapAdminState, then this is desirable behavior and no recovery is
|
|
needed. If the new state of the tmnxLdapOperState object is
|
|
'outOfService' while the value of the object tmnxLdapAdminState is
|
|
'inService', make sure that the value of tmnxLdapServerOperState of at
|
|
least one LDAP server connection is 'inService'."
|
|
::= { tmnxLdapNotifications 1 }
|
|
|
|
tmnxLdapServerOperStateChange NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxLdapServerName,
|
|
tmnxLdapServerOperState,
|
|
tmnxLdapServerInetAddressType,
|
|
tmnxLdapServerInetAddress,
|
|
tmnxLdapServerPort
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE]The tmnxLdapServerOperStateChange notification is generated
|
|
when the tmnxLdapServerOperState has transitioned either from
|
|
'outOfService' to 'inService' or from 'inService' to 'outOfService'
|
|
state.
|
|
|
|
[EFFECT]If tmnxLdapServerOperState has transitioned to 'outOfService'
|
|
state then the particular LDAP server connection is not available for
|
|
use. If tmnxLdapServerOperState has transitioned to 'inService' state
|
|
then the particular LDAP server connection is available for use.
|
|
|
|
[RECOVERY]If the new state corresponds to the
|
|
tmnxLdapServerAdminState, then this is the desirable behavior and no
|
|
recovery is needed. If the new state of the tmnxLdapServerOperState
|
|
object is 'outOfService' while the value of the object
|
|
tmnxLdapServerAdminState is 'inService', make sure that the LDAP
|
|
server connection parameters are properly configured and the LDAP
|
|
server is reachable."
|
|
::= { tmnxLdapNotifications 2 }
|
|
|
|
END
|