1157 lines
40 KiB
Plaintext
1157 lines
40 KiB
Plaintext
IPS-AUTH-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, Unsigned32,
|
|
mib-2
|
|
FROM SNMPv2-SMI
|
|
|
|
TEXTUAL-CONVENTION, RowStatus, AutonomousType, StorageType
|
|
FROM SNMPv2-TC
|
|
|
|
MODULE-COMPLIANCE, OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
|
|
SnmpAdminString
|
|
FROM SNMP-FRAMEWORK-MIB -- RFC 3411
|
|
|
|
AddressFamilyNumbers
|
|
FROM IANA-ADDRESS-FAMILY-NUMBERS-MIB
|
|
;
|
|
|
|
ipsAuthMibModule MODULE-IDENTITY
|
|
LAST-UPDATED "200605220000Z" -- May 22, 2006
|
|
ORGANIZATION "IETF IPS Working Group"
|
|
CONTACT-INFO
|
|
"
|
|
Mark Bakke
|
|
Postal: Cisco Systems, Inc
|
|
7900 International Drive, Suite 400
|
|
Bloomington, MN
|
|
USA 55425
|
|
|
|
E-mail: mbakke@cisco.com
|
|
|
|
James Muchow
|
|
Postal: Qlogic Corp.
|
|
6321 Bury Dr.
|
|
Eden Prairie, MN
|
|
USA 55346
|
|
|
|
E-Mail: james.muchow@qlogic.com"
|
|
DESCRIPTION
|
|
"The IP Storage Authorization MIB module.
|
|
Copyright (C) The Internet Society (2006). This version of
|
|
this MIB module is part of RFC 4545; see the RFC itself for
|
|
full legal notices."
|
|
|
|
REVISION "200605220000Z" -- May 22, 2006
|
|
DESCRIPTION
|
|
"Initial version of the IP Storage Authentication MIB module,
|
|
published as RFC 4545"
|
|
::= { mib-2 141 }
|
|
|
|
ipsAuthNotifications OBJECT IDENTIFIER ::= { ipsAuthMibModule 0 }
|
|
ipsAuthObjects OBJECT IDENTIFIER ::= { ipsAuthMibModule 1 }
|
|
ipsAuthConformance OBJECT IDENTIFIER ::= { ipsAuthMibModule 2 }
|
|
|
|
-- Textual Conventions
|
|
|
|
IpsAuthAddress ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP Storage requires the use of address information
|
|
that uses not only the InetAddress type defined in the
|
|
INET-ADDRESS-MIB, but also Fibre Channel type defined
|
|
in the Fibre Channel Management MIB. Although these
|
|
address types are recognized in the IANA Address Family
|
|
Numbers MIB, the addressing mechanisms have not been
|
|
merged into a well-known, common type. This data type,
|
|
the IpsAuthAddress, performs the merging for this MIB
|
|
module.
|
|
|
|
The formats of objects of this type are determined by
|
|
a corresponding object with syntax AddressFamilyNumbers,
|
|
and thus every object defined using this TC must
|
|
identify the object with syntax AddressFamilyNumbers
|
|
that specifies its type.
|
|
|
|
The syntax and semantics of this object depend on the
|
|
identified AddressFamilyNumbers object as follows:
|
|
|
|
AddressFamilyNumbers this object
|
|
==================== ===========
|
|
ipV4(1) restricted to the same syntax and
|
|
semantics as the InetAddressIPv4 TC.
|
|
|
|
ipV6(2) restricted to the same syntax and
|
|
semantics as the InetAddressIPv6 TC.
|
|
|
|
fibreChannelWWPN (22)
|
|
& fibreChannelWWNN(23) restricted to the same syntax and
|
|
semantics as the FcNameIdOrZero TC.
|
|
|
|
Types other than the above should not be used unless
|
|
|
|
the corresponding format of the IpsAuthAddress object is
|
|
further specified (e.g., in a future revision of this TC)."
|
|
REFERENCE
|
|
"IANA-ADDRESS-FAMILY-NUMBERS-MIB;
|
|
INET-ADDRESS-MIB (RFC 4001);
|
|
FC-MGMT-MIB (RFC 4044)."
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
|
|
--******************************************************************
|
|
|
|
ipsAuthDescriptors OBJECT IDENTIFIER ::= { ipsAuthObjects 1 }
|
|
|
|
ipsAuthMethodTypes OBJECT-IDENTITY
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Registration point for Authentication Method Types."
|
|
REFERENCE "RFC 3720, iSCSI Protocol Specification."
|
|
::= { ipsAuthDescriptors 1 }
|
|
|
|
ipsAuthMethodNone OBJECT-IDENTITY
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authoritative identifier when no authentication
|
|
method is used."
|
|
REFERENCE "RFC 3720, iSCSI Protocol Specification."
|
|
::= { ipsAuthMethodTypes 1 }
|
|
|
|
ipsAuthMethodSrp OBJECT-IDENTITY
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authoritative identifier when the authentication
|
|
method is SRP."
|
|
REFERENCE "RFC 3720, iSCSI Protocol Specification."
|
|
::= { ipsAuthMethodTypes 2 }
|
|
|
|
ipsAuthMethodChap OBJECT-IDENTITY
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authoritative identifier when the authentication
|
|
method is CHAP."
|
|
REFERENCE "RFC 3720, iSCSI Protocol Specification."
|
|
::= { ipsAuthMethodTypes 3 }
|
|
|
|
ipsAuthMethodKerberos OBJECT-IDENTITY
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authoritative identifier when the authentication
|
|
method is Kerberos."
|
|
REFERENCE "RFC 3720, iSCSI Protocol Specification."
|
|
::= { ipsAuthMethodTypes 4 }
|
|
|
|
--******************************************************************
|
|
|
|
ipsAuthInstance OBJECT IDENTIFIER ::= { ipsAuthObjects 2 }
|
|
|
|
-- Instance Attributes Table
|
|
|
|
ipsAuthInstanceAttributesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpsAuthInstanceAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of Authorization instances present on the system."
|
|
::= { ipsAuthInstance 2 }
|
|
|
|
ipsAuthInstanceAttributesEntry OBJECT-TYPE
|
|
SYNTAX IpsAuthInstanceAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) containing management information
|
|
applicable to a particular Authorization instance."
|
|
INDEX { ipsAuthInstIndex }
|
|
::= { ipsAuthInstanceAttributesTable 1 }
|
|
|
|
IpsAuthInstanceAttributesEntry ::= SEQUENCE {
|
|
ipsAuthInstIndex Unsigned32,
|
|
ipsAuthInstDescr SnmpAdminString,
|
|
ipsAuthInstStorageType StorageType
|
|
}
|
|
|
|
ipsAuthInstIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary integer used to uniquely identify a
|
|
particular authorization instance. This index value
|
|
must not be modified or reused by an agent unless
|
|
a reboot has occurred. An agent should attempt to
|
|
keep this value persistent across reboots."
|
|
::= { ipsAuthInstanceAttributesEntry 1 }
|
|
|
|
ipsAuthInstDescr OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A character string, determined by the implementation to
|
|
describe the authorization instance. When only a single
|
|
instance is present, this object may be set to the
|
|
zero-length string; with multiple authorization
|
|
instances, it must be set to a unique value in an
|
|
implementation-dependent manner to describe the purpose
|
|
of the respective instance. If this is deployed in a
|
|
master agent with more than one subagent implementing
|
|
this MIB module, the master agent is responsible for
|
|
ensuring that this object is unique across all
|
|
subagents."
|
|
::= { ipsAuthInstanceAttributesEntry 2 }
|
|
|
|
ipsAuthInstStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for all read-write objects within this
|
|
row. Rows in this table are always created via an
|
|
external process, and may have a storage type of readOnly
|
|
or permanent. Conceptual rows having the value 'permanent'
|
|
need not allow write access to any columnar objects in
|
|
the row.
|
|
|
|
If this object has the value 'volatile', modifications
|
|
to read-write objects in this row are not persistent
|
|
across reboots. If this object has the value
|
|
'nonVolatile', modifications to objects in this row
|
|
are persistent.
|
|
|
|
An implementation may choose to allow this object
|
|
to be set to either 'nonVolatile' or 'volatile',
|
|
allowing the management application to choose this
|
|
behavior."
|
|
DEFVAL { volatile }
|
|
::= { ipsAuthInstanceAttributesEntry 3 }
|
|
|
|
ipsAuthIdentity OBJECT IDENTIFIER ::= { ipsAuthObjects 3 }
|
|
|
|
-- User Identity Attributes Table
|
|
|
|
ipsAuthIdentAttributesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpsAuthIdentAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of user identities, each belonging to a
|
|
particular ipsAuthInstance."
|
|
::= { ipsAuthIdentity 1 }
|
|
|
|
ipsAuthIdentAttributesEntry OBJECT-TYPE
|
|
SYNTAX IpsAuthIdentAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) containing management information
|
|
describing a user identity within an authorization
|
|
instance on this node."
|
|
INDEX { ipsAuthInstIndex, ipsAuthIdentIndex }
|
|
::= { ipsAuthIdentAttributesTable 1 }
|
|
|
|
IpsAuthIdentAttributesEntry ::= SEQUENCE {
|
|
ipsAuthIdentIndex Unsigned32,
|
|
ipsAuthIdentDescription SnmpAdminString,
|
|
ipsAuthIdentRowStatus RowStatus,
|
|
ipsAuthIdentStorageType StorageType
|
|
}
|
|
|
|
ipsAuthIdentIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary integer used to uniquely identify a
|
|
particular identity instance within an authorization
|
|
instance present on the node. This index value
|
|
must not be modified or reused by an agent unless
|
|
a reboot has occurred. An agent should attempt to
|
|
keep this value persistent across reboots."
|
|
::= { ipsAuthIdentAttributesEntry 1 }
|
|
|
|
ipsAuthIdentDescription OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A character string describing this particular identity."
|
|
::= { ipsAuthIdentAttributesEntry 2 }
|
|
|
|
ipsAuthIdentRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field allows entries to be dynamically added and
|
|
removed from this table via SNMP. When adding a row to
|
|
this table, all non-Index/RowStatus objects must be set.
|
|
Rows may be discarded using RowStatus. The value of
|
|
ipsAuthIdentDescription may be set while
|
|
ipsAuthIdentRowStatus is 'active'."
|
|
::= { ipsAuthIdentAttributesEntry 3 }
|
|
|
|
ipsAuthIdentStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for all read-create objects in this row.
|
|
Rows in this table that were created through an external
|
|
process may have a storage type of readOnly or permanent.
|
|
Conceptual rows having the value 'permanent' need not
|
|
allow write access to any columnar objects in the row."
|
|
DEFVAL { nonVolatile }
|
|
::= { ipsAuthIdentAttributesEntry 4 }
|
|
|
|
ipsAuthIdentityName OBJECT IDENTIFIER ::= { ipsAuthObjects 4 }
|
|
|
|
-- User Initiator Name Attributes Table
|
|
|
|
ipsAuthIdentNameAttributesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpsAuthIdentNameAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of unique names that can be used to positively
|
|
identify a particular user identity."
|
|
::= { ipsAuthIdentityName 1 }
|
|
|
|
ipsAuthIdentNameAttributesEntry OBJECT-TYPE
|
|
SYNTAX IpsAuthIdentNameAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) containing management information
|
|
applicable to a unique identity name, which can be used
|
|
to identify a user identity within a particular
|
|
authorization instance."
|
|
INDEX { ipsAuthInstIndex, ipsAuthIdentIndex,
|
|
ipsAuthIdentNameIndex }
|
|
::= { ipsAuthIdentNameAttributesTable 1 }
|
|
|
|
IpsAuthIdentNameAttributesEntry ::= SEQUENCE {
|
|
ipsAuthIdentNameIndex Unsigned32,
|
|
ipsAuthIdentName SnmpAdminString,
|
|
ipsAuthIdentNameRowStatus RowStatus,
|
|
ipsAuthIdentNameStorageType StorageType
|
|
}
|
|
|
|
ipsAuthIdentNameIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary integer used to uniquely identify a
|
|
particular identity name instance within an
|
|
ipsAuthIdentity within an authorization instance.
|
|
This index value must not be modified or reused by
|
|
an agent unless a reboot has occurred. An agent
|
|
should attempt to keep this value persistent across
|
|
reboots."
|
|
::= { ipsAuthIdentNameAttributesEntry 1 }
|
|
|
|
ipsAuthIdentName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A character string that is the unique name of an
|
|
identity that may be used to identify this ipsAuthIdent
|
|
entry."
|
|
::= { ipsAuthIdentNameAttributesEntry 2 }
|
|
|
|
ipsAuthIdentNameRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field allows entries to be dynamically added and
|
|
removed from this table via SNMP. When adding a row to
|
|
this table, all non-Index/RowStatus objects must be set.
|
|
Rows may be discarded using RowStatus. The value of
|
|
ipsAuthIdentName may be set when this value is 'active'."
|
|
::= { ipsAuthIdentNameAttributesEntry 3 }
|
|
|
|
ipsAuthIdentNameStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for all read-create objects in this row.
|
|
Rows in this table that were created through an external
|
|
process may have a storage type of readOnly or permanent.
|
|
Conceptual rows having the value 'permanent' need not
|
|
allow write access to any columnar objects in the row."
|
|
DEFVAL { nonVolatile }
|
|
::= { ipsAuthIdentNameAttributesEntry 4 }
|
|
|
|
ipsAuthIdentityAddress OBJECT IDENTIFIER ::= { ipsAuthObjects 5 }
|
|
|
|
-- User Initiator Address Attributes Table
|
|
|
|
ipsAuthIdentAddrAttributesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpsAuthIdentAddrAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of address ranges that are allowed to serve
|
|
as the endpoint addresses of a particular identity.
|
|
An address range includes a starting and ending address
|
|
and an optional netmask, and an address type indicator,
|
|
which can specify whether the address is IPv4, IPv6,
|
|
FC-WWPN, or FC-WWNN."
|
|
::= { ipsAuthIdentityAddress 1 }
|
|
|
|
ipsAuthIdentAddrAttributesEntry OBJECT-TYPE
|
|
SYNTAX IpsAuthIdentAddrAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) containing management information
|
|
applicable to an address range that is used as part
|
|
of the authorization of an identity
|
|
within an authorization instance on this node."
|
|
INDEX { ipsAuthInstIndex, ipsAuthIdentIndex,
|
|
ipsAuthIdentAddrIndex }
|
|
::= { ipsAuthIdentAddrAttributesTable 1 }
|
|
|
|
IpsAuthIdentAddrAttributesEntry ::= SEQUENCE {
|
|
ipsAuthIdentAddrIndex Unsigned32,
|
|
ipsAuthIdentAddrType AddressFamilyNumbers,
|
|
ipsAuthIdentAddrStart IpsAuthAddress,
|
|
ipsAuthIdentAddrEnd IpsAuthAddress,
|
|
ipsAuthIdentAddrRowStatus RowStatus,
|
|
ipsAuthIdentAddrStorageType StorageType
|
|
}
|
|
|
|
ipsAuthIdentAddrIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary integer used to uniquely identify a
|
|
particular ipsAuthIdentAddress instance within an
|
|
ipsAuthIdentity within an authorization instance
|
|
present on the node.
|
|
This index value must not be modified or reused by
|
|
an agent unless a reboot has occurred. An agent
|
|
should attempt to keep this value persistent across
|
|
reboots."
|
|
::= { ipsAuthIdentAddrAttributesEntry 1 }
|
|
|
|
ipsAuthIdentAddrType OBJECT-TYPE
|
|
SYNTAX AddressFamilyNumbers
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The address types used in the ipsAuthIdentAddrStart
|
|
and ipsAuthAddrEnd objects. This type is taken
|
|
from the IANA address family types."
|
|
::= { ipsAuthIdentAddrAttributesEntry 2 }
|
|
|
|
ipsAuthIdentAddrStart OBJECT-TYPE
|
|
SYNTAX IpsAuthAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The starting address of the allowed address range.
|
|
The format of this object is determined by
|
|
ipsAuthIdentAddrType."
|
|
::= { ipsAuthIdentAddrAttributesEntry 3 }
|
|
|
|
ipsAuthIdentAddrEnd OBJECT-TYPE
|
|
SYNTAX IpsAuthAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ending address of the allowed address range.
|
|
If the ipsAuthIdentAddrEntry specifies a single
|
|
address, this shall match the ipsAuthIdentAddrStart.
|
|
The format of this object is determined by
|
|
ipsAuthIdentAddrType."
|
|
::= { ipsAuthIdentAddrAttributesEntry 4 }
|
|
|
|
ipsAuthIdentAddrRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field allows entries to be dynamically added and
|
|
removed from this table via SNMP. When adding a row to
|
|
this table, all non-Index/RowStatus objects must be set.
|
|
Rows may be discarded using RowStatus. The values of
|
|
ipsAuthIdentAddrStart and ipsAuthIdentAddrEnd may be set
|
|
when this value is 'active'. The value of
|
|
ipsAuthIdentAddrType may not be set when this value is
|
|
'active'."
|
|
::= { ipsAuthIdentAddrAttributesEntry 5 }
|
|
|
|
ipsAuthIdentAddrStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for all read-create objects in this row.
|
|
Rows in this table that were created through an external
|
|
process may have a storage type of readOnly or permanent.
|
|
Conceptual rows having the value 'permanent' need not
|
|
allow write access to any columnar objects in the row."
|
|
DEFVAL { nonVolatile }
|
|
::= { ipsAuthIdentAddrAttributesEntry 6 }
|
|
|
|
ipsAuthCredential OBJECT IDENTIFIER ::= { ipsAuthObjects 6 }
|
|
|
|
-- Credential Attributes Table
|
|
|
|
ipsAuthCredentialAttributesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpsAuthCredentialAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of credentials related to user identities
|
|
that are allowed as valid authenticators of the
|
|
particular identity."
|
|
::= { ipsAuthCredential 1 }
|
|
|
|
ipsAuthCredentialAttributesEntry OBJECT-TYPE
|
|
SYNTAX IpsAuthCredentialAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) containing management information
|
|
applicable to a credential that verifies a user
|
|
identity within an authorization instance.
|
|
|
|
To provide complete information in this MIB for a credential,
|
|
the management station must not only create the row in this
|
|
table but must also create a row in another table, where the
|
|
other table is determined by the value of
|
|
ipsAuthCredAuthMethod, e.g., if ipsAuthCredAuthMethod has the
|
|
value ipsAuthMethodChap, a row must be created in the
|
|
ipsAuthCredChapAttributesTable."
|
|
INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthCredIndex }
|
|
::= { ipsAuthCredentialAttributesTable 1 }
|
|
|
|
IpsAuthCredentialAttributesEntry ::= SEQUENCE {
|
|
ipsAuthCredIndex Unsigned32,
|
|
ipsAuthCredAuthMethod AutonomousType,
|
|
ipsAuthCredRowStatus RowStatus,
|
|
ipsAuthCredStorageType StorageType
|
|
}
|
|
|
|
ipsAuthCredIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary integer used to uniquely identify a
|
|
particular Credential instance within an instance
|
|
present on the node.
|
|
This index value must not be modified or reused by
|
|
an agent unless a reboot has occurred. An agent
|
|
should attempt to keep this value persistent across
|
|
reboots."
|
|
::= { ipsAuthCredentialAttributesEntry 1 }
|
|
|
|
ipsAuthCredAuthMethod OBJECT-TYPE
|
|
SYNTAX AutonomousType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains an OBJECT IDENTIFIER
|
|
that identifies the authentication method
|
|
used with this credential.
|
|
|
|
When a row is created in this table, a corresponding
|
|
row must be created by the management station
|
|
in a corresponding table specified by this value.
|
|
|
|
When a row is deleted from this table, the corresponding
|
|
row must be automatically deleted by the agent in
|
|
the corresponding table specified by this value.
|
|
|
|
If the value of this object is ipsAuthMethodNone, no
|
|
corresponding rows are created or deleted from other
|
|
tables.
|
|
|
|
Some standardized values for this object are defined
|
|
within the ipsAuthMethodTypes subtree."
|
|
::= { ipsAuthCredentialAttributesEntry 2 }
|
|
|
|
ipsAuthCredRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field allows entries to be dynamically added and
|
|
removed from this table via SNMP. When adding a row to
|
|
this table, all non-Index/RowStatus objects must be set.
|
|
Rows may be discarded using RowStatus. The value of
|
|
ipsAuthCredAuthMethod must not be changed while this row
|
|
is 'active'."
|
|
::= { ipsAuthCredentialAttributesEntry 3 }
|
|
|
|
ipsAuthCredStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for all read-create objects in this row.
|
|
Rows in this table that were created through an external
|
|
process may have a storage type of readOnly or permanent.
|
|
Conceptual rows having the value 'permanent' need not
|
|
allow write access to any columnar objects in the row."
|
|
DEFVAL { nonVolatile }
|
|
::= { ipsAuthCredentialAttributesEntry 4 }
|
|
|
|
ipsAuthCredChap OBJECT IDENTIFIER ::= { ipsAuthObjects 7 }
|
|
|
|
-- Credential Chap-Specific Attributes Table
|
|
|
|
ipsAuthCredChapAttributesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpsAuthCredChapAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of CHAP attributes for credentials that
|
|
use ipsAuthMethodChap as their ipsAuthCredAuthMethod.
|
|
|
|
A row in this table can only exist when an instance of
|
|
the ipsAuthCredAuthMethod object exists (or is created
|
|
|
|
simultaneously) having the same instance identifiers
|
|
and a value of 'ipsAuthMethodChap'."
|
|
::= { ipsAuthCredChap 1 }
|
|
|
|
ipsAuthCredChapAttributesEntry OBJECT-TYPE
|
|
SYNTAX IpsAuthCredChapAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) containing management information
|
|
applicable to a credential that uses
|
|
ipsAuthMethodChap as their ipsAuthCredAuthMethod.
|
|
|
|
When a row is created in ipsAuthCredentialAttributesTable
|
|
with ipsAuthCredAuthMethod = ipsAuthCredChap, the
|
|
management station must create a corresponding row
|
|
in this table.
|
|
|
|
When a row is deleted from ipsAuthCredentialAttributesTable
|
|
with ipsAuthCredAuthMethod = ipsAuthCredChap, the
|
|
agent must delete the corresponding row (if any) in
|
|
this table."
|
|
INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthCredIndex }
|
|
::= { ipsAuthCredChapAttributesTable 1 }
|
|
|
|
IpsAuthCredChapAttributesEntry ::= SEQUENCE {
|
|
ipsAuthCredChapUserName SnmpAdminString,
|
|
ipsAuthCredChapRowStatus RowStatus,
|
|
ipsAuthCredChapStorageType StorageType
|
|
}
|
|
|
|
ipsAuthCredChapUserName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A character string containing the CHAP user name for this
|
|
credential."
|
|
REFERENCE
|
|
"W. Simpson, RFC 1994: PPP Challenge Handshake
|
|
Authentication Protocol (CHAP), August 1996"
|
|
::= { ipsAuthCredChapAttributesEntry 1 }
|
|
|
|
ipsAuthCredChapRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field allows entries to be dynamically added and
|
|
removed from this table via SNMP. When adding a row to
|
|
this table, all non-Index/RowStatus objects must be set.
|
|
Rows may be discarded using RowStatus. The value of
|
|
ipsAuthCredChapUserName may be changed while this row
|
|
is 'active'."
|
|
::= { ipsAuthCredChapAttributesEntry 2 }
|
|
|
|
ipsAuthCredChapStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for all read-create objects in this row.
|
|
Rows in this table that were created through an external
|
|
process may have a storage type of readOnly or permanent.
|
|
Conceptual rows having the value 'permanent' need not
|
|
allow write access to any columnar objects in the row."
|
|
DEFVAL { nonVolatile }
|
|
::= { ipsAuthCredChapAttributesEntry 3 }
|
|
|
|
ipsAuthCredSrp OBJECT IDENTIFIER ::= { ipsAuthObjects 8 }
|
|
|
|
-- Credential Srp-Specific Attributes Table
|
|
|
|
ipsAuthCredSrpAttributesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpsAuthCredSrpAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of SRP attributes for credentials that
|
|
use ipsAuthMethodSrp as its ipsAuthCredAuthMethod.
|
|
|
|
A row in this table can only exist when an instance of
|
|
the ipsAuthCredAuthMethod object exists (or is created
|
|
simultaneously) having the same instance identifiers
|
|
and a value of 'ipsAuthMethodSrp'."
|
|
::= { ipsAuthCredSrp 1 }
|
|
|
|
ipsAuthCredSrpAttributesEntry OBJECT-TYPE
|
|
SYNTAX IpsAuthCredSrpAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) containing management information
|
|
applicable to a credential that uses
|
|
ipsAuthMethodSrp as their ipsAuthCredAuthMethod.
|
|
|
|
When a row is created in ipsAuthCredentialAttributesTable
|
|
with ipsAuthCredAuthMethod = ipsAuthCredSrp, the
|
|
management station must create a corresponding row
|
|
in this table.
|
|
|
|
When a row is deleted from ipsAuthCredentialAttributesTable
|
|
with ipsAuthCredAuthMethod = ipsAuthCredSrp, the
|
|
agent must delete the corresponding row (if any) in
|
|
this table."
|
|
INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthCredIndex }
|
|
::= { ipsAuthCredSrpAttributesTable 1 }
|
|
|
|
IpsAuthCredSrpAttributesEntry ::= SEQUENCE {
|
|
ipsAuthCredSrpUserName SnmpAdminString,
|
|
ipsAuthCredSrpRowStatus RowStatus,
|
|
ipsAuthCredSrpStorageType StorageType
|
|
}
|
|
|
|
ipsAuthCredSrpUserName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A character string containing the SRP user name for this
|
|
credential."
|
|
REFERENCE
|
|
"T. Wu, RFC 2945: The SRP Authentication and Key
|
|
Exchange System, September 2000"
|
|
::= { ipsAuthCredSrpAttributesEntry 1 }
|
|
|
|
ipsAuthCredSrpRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field allows entries to be dynamically added and
|
|
removed from this table via SNMP. When adding a row to
|
|
this table, all non-Index/RowStatus objects must be set.
|
|
Rows may be discarded using RowStatus. The value of
|
|
ipsAuthCredSrpUserName may be changed while the status
|
|
of this row is 'active'."
|
|
::= { ipsAuthCredSrpAttributesEntry 2 }
|
|
|
|
ipsAuthCredSrpStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for all read-create objects in this row.
|
|
Rows in this table that were created through an external
|
|
process may have a storage type of readOnly or permanent.
|
|
Conceptual rows having the value 'permanent' need not
|
|
allow write access to any columnar objects in the row."
|
|
DEFVAL { nonVolatile }
|
|
::= { ipsAuthCredSrpAttributesEntry 3 }
|
|
|
|
ipsAuthCredKerberos OBJECT IDENTIFIER ::= { ipsAuthObjects 9 }
|
|
|
|
-- Credential Kerberos-Specific Attributes Table
|
|
|
|
ipsAuthCredKerbAttributesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpsAuthCredKerbAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of Kerberos attributes for credentials that
|
|
use ipsAuthMethodKerberos as their ipsAuthCredAuthMethod.
|
|
|
|
A row in this table can only exist when an instance of
|
|
the ipsAuthCredAuthMethod object exists (or is created
|
|
simultaneously) having the same instance identifiers
|
|
and a value of 'ipsAuthMethodKerb'."
|
|
::= { ipsAuthCredKerberos 1 }
|
|
|
|
ipsAuthCredKerbAttributesEntry OBJECT-TYPE
|
|
SYNTAX IpsAuthCredKerbAttributesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) containing management information
|
|
applicable to a credential that uses
|
|
ipsAuthMethodKerberos as its ipsAuthCredAuthMethod.
|
|
|
|
When a row is created in ipsAuthCredentialAttributesTable
|
|
with ipsAuthCredAuthMethod = ipsAuthCredKerberos, the
|
|
management station must create a corresponding row
|
|
in this table.
|
|
|
|
When a row is deleted from ipsAuthCredentialAttributesTable
|
|
with ipsAuthCredAuthMethod = ipsAuthCredKerberos, the
|
|
agent must delete the corresponding row (if any) in
|
|
this table."
|
|
INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthCredIndex }
|
|
::= { ipsAuthCredKerbAttributesTable 1 }
|
|
|
|
IpsAuthCredKerbAttributesEntry ::= SEQUENCE {
|
|
|
|
ipsAuthCredKerbPrincipal SnmpAdminString,
|
|
ipsAuthCredKerbRowStatus RowStatus,
|
|
ipsAuthCredKerbStorageType StorageType
|
|
}
|
|
|
|
ipsAuthCredKerbPrincipal OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A character string containing a Kerberos principal
|
|
for this credential."
|
|
REFERENCE
|
|
"C. Neuman, S. Hartman, and K. Raeburn, RFC 4120:
|
|
The Kerberos Network Authentication Service (V5),
|
|
July 2005"
|
|
::= { ipsAuthCredKerbAttributesEntry 1 }
|
|
|
|
ipsAuthCredKerbRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field allows entries to be dynamically added and
|
|
removed from this table via SNMP. When adding a row to
|
|
this table, all non-Index/RowStatus objects must be set.
|
|
Rows may be discarded using RowStatus. The value of
|
|
ipsAuthCredKerbPrincipal may be changed while this row
|
|
is 'active'."
|
|
::= { ipsAuthCredKerbAttributesEntry 2 }
|
|
|
|
ipsAuthCredKerbStorageType OBJECT-TYPE
|
|
SYNTAX StorageType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The storage type for all read-create objects in this row.
|
|
Rows in this table that were created through an external
|
|
process may have a storage type of readOnly or permanent.
|
|
Conceptual rows having the value 'permanent' need not
|
|
allow write access to any columnar objects in the row."
|
|
DEFVAL { nonVolatile }
|
|
::= { ipsAuthCredKerbAttributesEntry 3 }
|
|
|
|
--******************************************************************
|
|
-- Notifications
|
|
|
|
-- There are no notifications necessary in this MIB module.
|
|
|
|
--******************************************************************
|
|
|
|
-- Conformance Statements
|
|
|
|
ipsAuthCompliances OBJECT IDENTIFIER ::= { ipsAuthConformance 1 }
|
|
ipsAuthGroups OBJECT IDENTIFIER ::= { ipsAuthConformance 2 }
|
|
|
|
ipsAuthInstanceAttributesGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
ipsAuthInstDescr,
|
|
ipsAuthInstStorageType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing information about
|
|
authorization instances."
|
|
::= { ipsAuthGroups 1 }
|
|
|
|
ipsAuthIdentAttributesGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
ipsAuthIdentDescription,
|
|
ipsAuthIdentRowStatus,
|
|
ipsAuthIdentStorageType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing information about
|
|
user identities within an authorization instance."
|
|
::= { ipsAuthGroups 2 }
|
|
|
|
ipsAuthIdentNameAttributesGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
ipsAuthIdentName,
|
|
ipsAuthIdentNameRowStatus,
|
|
ipsAuthIdentNameStorageType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing information about
|
|
user names within user identities within an authorization
|
|
instance."
|
|
::= { ipsAuthGroups 3 }
|
|
|
|
ipsAuthIdentAddrAttributesGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
ipsAuthIdentAddrType,
|
|
ipsAuthIdentAddrStart,
|
|
ipsAuthIdentAddrEnd,
|
|
ipsAuthIdentAddrRowStatus,
|
|
ipsAuthIdentAddrStorageType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing information about
|
|
address ranges within user identities within an
|
|
authorization instance."
|
|
::= { ipsAuthGroups 4 }
|
|
|
|
ipsAuthIdentCredAttributesGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
ipsAuthCredAuthMethod,
|
|
ipsAuthCredRowStatus,
|
|
ipsAuthCredStorageType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing information about
|
|
credentials within user identities within an authorization
|
|
instance."
|
|
::= { ipsAuthGroups 5 }
|
|
|
|
ipsAuthIdentChapAttrGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
ipsAuthCredChapUserName,
|
|
ipsAuthCredChapRowStatus,
|
|
ipsAuthCredChapStorageType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing information about
|
|
CHAP credentials within user identities within an
|
|
authorization instance."
|
|
::= { ipsAuthGroups 6 }
|
|
|
|
ipsAuthIdentSrpAttrGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
ipsAuthCredSrpUserName,
|
|
ipsAuthCredSrpRowStatus,
|
|
ipsAuthCredSrpStorageType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing information about
|
|
SRP credentials within user identities within an
|
|
authorization instance."
|
|
::= { ipsAuthGroups 7 }
|
|
|
|
ipsAuthIdentKerberosAttrGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
ipsAuthCredKerbPrincipal,
|
|
ipsAuthCredKerbRowStatus,
|
|
ipsAuthCredKerbStorageType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing information about
|
|
Kerberos credentials within user identities within an
|
|
authorization instance."
|
|
::= { ipsAuthGroups 8 }
|
|
|
|
--******************************************************************
|
|
|
|
ipsAuthComplianceV1 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Initial version of compliance statement based on
|
|
initial version of this MIB module.
|
|
|
|
The Instance and Identity groups are mandatory;
|
|
at least one of the other groups (Name, Address,
|
|
Credential, Certificate) is also mandatory for
|
|
any given implementation."
|
|
MODULE -- this module
|
|
MANDATORY-GROUPS {
|
|
ipsAuthInstanceAttributesGroup,
|
|
ipsAuthIdentAttributesGroup
|
|
}
|
|
|
|
-- Conditionally mandatory groups to be included with
|
|
-- the mandatory groups when necessary.
|
|
|
|
GROUP ipsAuthIdentNameAttributesGroup
|
|
DESCRIPTION
|
|
"This group is mandatory for all implementations
|
|
that make use of unique identity names."
|
|
|
|
GROUP ipsAuthIdentAddrAttributesGroup
|
|
DESCRIPTION
|
|
"This group is mandatory for all implementations
|
|
that use addresses to help verify identities."
|
|
|
|
GROUP ipsAuthIdentCredAttributesGroup
|
|
DESCRIPTION
|
|
"This group is mandatory for all implementations
|
|
that use credentials to help verify identities."
|
|
|
|
GROUP ipsAuthIdentChapAttrGroup
|
|
DESCRIPTION
|
|
"This group is mandatory for all implementations
|
|
that use CHAP to help verify identities.
|
|
|
|
The ipsAuthIdentCredAttributesGroup must be
|
|
implemented if this group is implemented."
|
|
|
|
GROUP ipsAuthIdentSrpAttrGroup
|
|
DESCRIPTION
|
|
"This group is mandatory for all implementations
|
|
that use SRP to help verify identities.
|
|
|
|
The ipsAuthIdentCredAttributesGroup must be
|
|
implemented if this group is implemented."
|
|
|
|
GROUP ipsAuthIdentKerberosAttrGroup
|
|
DESCRIPTION
|
|
"This group is mandatory for all implementations
|
|
that use Kerberos to help verify identities.
|
|
|
|
The ipsAuthIdentCredAttributesGroup must be
|
|
implemented if this group is implemented."
|
|
|
|
OBJECT ipsAuthInstDescr
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthInstStorageType
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthIdentDescription
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthIdentRowStatus
|
|
SYNTAX INTEGER { active(1) } -- subset of RowStatus
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required, and only one of the
|
|
six enumerated values for the RowStatus textual
|
|
convention need be supported, specifically:
|
|
active(1)."
|
|
|
|
OBJECT ipsAuthIdentName
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthIdentNameRowStatus
|
|
SYNTAX INTEGER { active(1) } -- subset of RowStatus
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required, and only one of the
|
|
six enumerated values for the RowStatus textual
|
|
convention need be supported, specifically:
|
|
active(1)."
|
|
|
|
OBJECT ipsAuthIdentAddrType
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthIdentAddrStart
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthIdentAddrEnd
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthIdentAddrRowStatus
|
|
SYNTAX INTEGER { active(1) } -- subset of RowStatus
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required, and only one of the
|
|
six enumerated values for the RowStatus textual
|
|
convention need be supported, specifically:
|
|
active(1)."
|
|
|
|
OBJECT ipsAuthCredAuthMethod
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthCredRowStatus
|
|
SYNTAX INTEGER { active(1) } -- subset of RowStatus
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required, and only one of the
|
|
|
|
six enumerated values for the RowStatus textual
|
|
convention need be supported, specifically:
|
|
active(1)."
|
|
|
|
OBJECT ipsAuthCredChapUserName
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthCredChapRowStatus
|
|
SYNTAX INTEGER { active(1) } -- subset of RowStatus
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required, and only one of the
|
|
six enumerated values for the RowStatus textual
|
|
convention need be supported, specifically:
|
|
active(1)."
|
|
|
|
OBJECT ipsAuthCredSrpUserName
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthCredSrpRowStatus
|
|
SYNTAX INTEGER { active(1) } -- subset of RowStatus
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required, and only one of the
|
|
six enumerated values for the RowStatus textual
|
|
convention need be supported, specifically:
|
|
active(1)."
|
|
|
|
OBJECT ipsAuthCredKerbPrincipal
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required."
|
|
|
|
OBJECT ipsAuthCredKerbRowStatus
|
|
SYNTAX INTEGER { active(1) } -- subset of RowStatus
|
|
MIN-ACCESS read-only
|
|
DESCRIPTION
|
|
"Write access is not required, and only one of the six
|
|
enumerated values for the RowStatus textual convention need
|
|
be supported, specifically: active(1)."
|
|
::= { ipsAuthCompliances 1 }
|
|
|
|
END
|