Observium_CE/mibs/rfc/SNMP-VACM-AAA-MIB


SNMP-VACM-AAA-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
    MODULE-IDENTITY, OBJECT-TYPE,
    mib-2,
    Unsigned32 FROM SNMPv2-SMI
    SnmpAdminString,
    SnmpSecurityModel FROM SNMP-FRAMEWORK-MIB;

vacmAaaMIB MODULE-IDENTITY
    LAST-UPDATED "201012090000Z" -- 9 December 2010
    ORGANIZATION "ISMS Working Group"
    CONTACT-INFO "WG-email: isms@ietf.org"
    DESCRIPTION  "The management and local datastore information
                  definitions for the AAA-Enabled View-based Access
                  Control Model for SNMP.
                  Copyright (c) 2010 IETF Trust and the persons
                  identified as the document authors. All rights
                  reserved.
                  Redistribution and use in source and binary forms,
                  with or without modification, is permitted pursuant
                  to, and subject to the license terms contained in,
                  the Simplified BSD License set forth in Section
                  4.c of the IETF Trust's Legal Provisions Relating
                  to IETF Documents
                  (http://trustee.ietf.org/license-info).
                  This version of this MIB module is part of RFC 6065;
                  see the RFC itself for full legal notices."
    REVISION     "201012090000Z"
    DESCRIPTION  "Initial version, published as RFC 6065."
    ::= { mib-2 199 }

vacmAaaMIBObjects     OBJECT IDENTIFIER ::= { vacmAaaMIB 1 }
vacmAaaMIBConformance OBJECT IDENTIFIER ::= { vacmAaaMIB 2 }

vacmAaaSecurityToGroupTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF VacmAaaSecurityToGroupEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "This table provides a listing of all currently active
                 sessions for which a mapping of the combination of
                 SnmpSecurityModel and securityName into the name of
                 a VACM group has been provided by an AAA service.
                 The group name (in VACM) in turn identifies an access
                 control policy to be used for the corresponding
                 principals."
    REFERENCE   "RFC 3411, Section 3.2.2, defines securityName."
    ::= { vacmAaaMIBObjects 1 }

vacmAaaSecurityToGroupEntry OBJECT-TYPE
    SYNTAX      VacmAaaSecurityToGroupEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "An entry in this table maps the combination of a
                 SnmpSecurityModel and securityName into the name
                 of a VACM group defining the access control policy
                 that is to govern a particular session.
                 Each entry corresponds to a session.
                 Entries do not persist across reboots.
                 An entry is created whenever an indication occurs
                 that a new session has been established that would
                 not have the same index values as an existing entry.
                 When a session is torn down, disconnected, timed out
                 (e.g., following the RADIUS Session-Timeout Attribute),
                 or otherwise terminated for any reason, the
                 corresponding vacmAaaSecurityToGroupEntry is deleted."
    REFERENCE   "RFC 3411, Section 3.2.2, defines securityName."
    INDEX       {
                  vacmAaaSecurityModel,
                  vacmAaaSecurityName,
                  vacmAaaSessionID
                }
    ::= { vacmAaaSecurityToGroupTable 1 }

VacmAaaSecurityToGroupEntry ::= SEQUENCE
    {
        vacmAaaSecurityModel SnmpSecurityModel,
        vacmAaaSecurityName  SnmpAdminString,
        vacmAaaSessionID     Unsigned32,
        vacmAaaGroupName     SnmpAdminString
    }

vacmAaaSecurityModel OBJECT-TYPE
    SYNTAX      SnmpSecurityModel(1..2147483647)
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "The security model associated with the AAA binding
                 represented by this entry.
                 This object cannot take the 'any' (0) value."
    ::= { vacmAaaSecurityToGroupEntry 1 }

vacmAaaSecurityName OBJECT-TYPE
    SYNTAX      SnmpAdminString (SIZE(1..32))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "The securityName of the principal associated with the
                 AAA binding represented by this entry. In RADIUS
                 environments, this corresponds to the User-Name
                 Attribute."
    REFERENCE   "RFC 3411, Section 3.2.2, defines securityName, and
                 RFC 2865, Section 5.1, defines User-Name."
    ::= { vacmAaaSecurityToGroupEntry 2 }

vacmAaaSessionID OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "An implementation-dependent identifier of the session.
                 This value MUST be unique among all currently open
                 sessions of all of this SNMP engine's transport models.
                 The value has no particular significance other than to
                 distinguish sessions.
                 Implementations in which tmSessionID has a compatible
                 syntax and is unique across all transport models MAY
                 use that value."
    REFERENCE   "The Abstract Service Interface parameter tmSessionID
                 is defined in RFC 5590, Section 5.2.4."
    ::= { vacmAaaSecurityToGroupEntry 3 }

vacmAaaGroupName OBJECT-TYPE
    SYNTAX      SnmpAdminString (SIZE(1..32))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "The name of the group to which this entry is to belong.
                 In RADIUS environments, this comes from the RADIUS
                 Management-Policy-Id Attribute.
                 When the appropriate conditions are met,
                 the value of this object is applied the vacmGroupName
                 in the corresponding vacmSecurityToGroupEntry."
    REFERENCE   "RFC 3415"
    ::= { vacmAaaSecurityToGroupEntry 4 }

-- Conformance information ******************************************

vacmAaaMIBCompliances
    OBJECT IDENTIFIER ::= {vacmAaaMIBConformance 1}
vacmAaaMIBGroups
    OBJECT IDENTIFIER ::= {vacmAaaMIBConformance 2}

-- compliance statements

vacmAaaMIBBasicCompliance MODULE-COMPLIANCE
    STATUS      current
    DESCRIPTION "The compliance statement for SNMP engines implementing
                 the AAA-Enabled View-based Access Control Model for
                 SNMP."
    MODULE -- this module
        MANDATORY-GROUPS { vacmAaaGroup }
    ::= { vacmAaaMIBCompliances 1 }

-- units of conformance

vacmAaaGroup OBJECT-GROUP
    OBJECTS     {
                  vacmAaaGroupName
                }
    STATUS      current
    DESCRIPTION "A collection of objects for supporting the use of AAA
                 services to provide user-to-group mappings for VACM."
    ::= { vacmAaaMIBGroups 1 }

END