-- extracted from draft-ietf-ips-auth-mib-07.txt -- at Sat Oct 22 06:37:12 2005 IPS-AUTH-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, Unsigned32, mib-2 FROM SNMPv2-SMI TEXTUAL-CONVENTION, RowStatus, AutonomousType, StorageType FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- RFC 3411 AddressFamilyNumbers FROM IANA-ADDRESS-FAMILY-NUMBERS-MIB ; ipsAuthMibModule MODULE-IDENTITY LAST-UPDATED "200510180000Z" -- October 18, 2005 ORGANIZATION "IETF IPS Working Group" CONTACT-INFO " Mark Bakke Postal: Cisco Systems, Inc 7900 International Drive, Suite 400 Bloomington, MN USA 55425 E-mail: mbakke@cisco.com James Muchow Postal: Qlogic Corp. 6321 Bury Dr. Eden Prairie, MN USA 55346 E-Mail: james.muchow@qlogic.com" DESCRIPTION "The IP Storage Authorization MIB module. Copyright (C) The Internet Society (2005). This version of this MIB module is part of RFC yyyy; see the RFC itself for full legal notices." -- RFC Ed.: replace yyyy with actual RFC number & remove this note REVISION "200510180000Z" -- October 18, 2005 DESCRIPTION "Initial version of the IP Storage Authentication MIB module" ::= { mib-2 xx } -- xx to be assigned by IANA ipsAuthNotifications OBJECT IDENTIFIER ::= { ipsAuthMibModule 0 } ipsAuthObjects OBJECT IDENTIFIER ::= { ipsAuthMibModule 1 } ipsAuthConformance OBJECT IDENTIFIER ::= { ipsAuthMibModule 2 } -- Textual Conventions IpsAuthAddress ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "IP Storage requires the use of address information that uses not only the InetAddress type defined in the INET-ADDRESS-MIB, but also Fibre Channel type defined in the Fibre Channel Management MIB. Although these address types are recognized in the IANA Address Family Numbers MIB, the addressing mechanisms have not been merged into a well-known, common type. This data type, the IpsAuthAddress, performs this function for this MIB module." REFERENCE "IANA-ADDRESS-FAMILY-NUMBERS-MIB; INET-ADDRESS-MIB (RFC 2851); FC-MGMT-MIB (RFC 4044)." SYNTAX OCTET STRING (SIZE(0..255)) --****************************************************************** ipsAuthDescriptors OBJECT IDENTIFIER ::= { ipsAuthObjects 1 } ipsAuthMethodTypes OBJECT-IDENTITY STATUS current DESCRIPTION "Registration point for Authentication Method Types." REFERENCE "RFC 3720, iSCSI Protocol Specification." ::= { ipsAuthDescriptors 1 } ipsAuthMethodNone OBJECT-IDENTITY STATUS current DESCRIPTION "The authoritative identifier when no authentication method is used." REFERENCE "RFC 3720, iSCSI Protocol Specification." ::= { ipsAuthMethodTypes 1 } ipsAuthMethodSrp OBJECT-IDENTITY STATUS current DESCRIPTION "The authoritative identifier when the authentication method is SRP." REFERENCE "RFC 3720, iSCSI Protocol Specification." ::= { ipsAuthMethodTypes 2 } ipsAuthMethodChap OBJECT-IDENTITY STATUS current DESCRIPTION "The authoritative identifier when the authentication method is CHAP." REFERENCE "RFC 3720, iSCSI Protocol Specification." ::= { ipsAuthMethodTypes 3 } ipsAuthMethodKerberos OBJECT-IDENTITY STATUS current DESCRIPTION "The authoritative identifier when the authentication method is Kerberos." REFERENCE "RFC 3720, iSCSI Protocol Specification." ::= { ipsAuthMethodTypes 4 } --****************************************************************** ipsAuthInstance OBJECT IDENTIFIER ::= { ipsAuthObjects 2 } -- Instance Attributes Table ipsAuthInstanceAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsAuthInstanceAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of Authorization instances present on the system." ::= { ipsAuthInstance 2 } ipsAuthInstanceAttributesEntry OBJECT-TYPE SYNTAX IpsAuthInstanceAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (row) containing management information applicable to a particular Authorization instance." INDEX { ipsAuthInstIndex } ::= { ipsAuthInstanceAttributesTable 1 } IpsAuthInstanceAttributesEntry ::= SEQUENCE { ipsAuthInstIndex Unsigned32, ipsAuthInstDescr SnmpAdminString, ipsAuthInstStorageType StorageType } ipsAuthInstIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary integer used to uniquely identify a particular authorization instance. This index value must not be modified or reused by an agent unless a reboot has occurred. An agent should attempt to keep this value persistent across reboots." ::= { ipsAuthInstanceAttributesEntry 1 } ipsAuthInstDescr OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-write STATUS current DESCRIPTION "A character string, determined by the implementation to describe the authorization instance. When only a single instance is present, this object may be set to the zero-length string; with multiple authorization instances, it must be set to a unique value in an implementation-dependent manner to describe the purpose of the respective instance. If this is deployed in a master agent with more than one subagent implementing this MIB module, the master agent is responsible for ensuring that this object is unique across all subagents." ::= { ipsAuthInstanceAttributesEntry 2 } ipsAuthInstStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-write STATUS current DESCRIPTION "The storage type for all read-write objects within this row. Rows in this table are always created via an external process, and may have a storage type of readOnly or permanent. Conceptual rows having the value 'permanent' need not allow write access to any columnar objects in the row. If this object has the value 'volatile', modifications to read-write objects in this row are not persistent across reboots. If this object has the value 'nonVolatile', modifications to objects in this row are persistent. An implementation may choose to allow this object to be set to either 'nonVolatile' or 'volatile', allowing the management application to choose this behavior." DEFVAL { volatile } ::= { ipsAuthInstanceAttributesEntry 3 } ipsAuthIdentity OBJECT IDENTIFIER ::= { ipsAuthObjects 3 } -- User Identity Attributes Table ipsAuthIdentAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsAuthIdentAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of user identities, each belonging to a particular ipsAuthInstance." ::= { ipsAuthIdentity 1 } ipsAuthIdentAttributesEntry OBJECT-TYPE SYNTAX IpsAuthIdentAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (row) containing management information describing a user identity within an authorization instance on this node." INDEX { ipsAuthInstIndex, ipsAuthIdentIndex } ::= { ipsAuthIdentAttributesTable 1 } IpsAuthIdentAttributesEntry ::= SEQUENCE { ipsAuthIdentIndex Unsigned32, ipsAuthIdentDescription SnmpAdminString, ipsAuthIdentRowStatus RowStatus, ipsAuthIdentStorageType StorageType } ipsAuthIdentIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary integer used to uniquely identify a particular identity instance within an authorization instance present on the node. This index value must not be modified or reused by an agent unless a reboot has occurred. An agent should attempt to keep this value persistent across reboots." ::= { ipsAuthIdentAttributesEntry 1 } ipsAuthIdentDescription OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "A character string describing this particular identity." ::= { ipsAuthIdentAttributesEntry 2 } ipsAuthIdentRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This field allows entries to be dynamically added and removed from this table via SNMP. When adding a row to this table, all non-Index/RowStatus objects must be set. Rows may be discarded using RowStatus." ::= { ipsAuthIdentAttributesEntry 3 } ipsAuthIdentStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for all read-create objects in this row. Rows in this table that were created through an external process may have a storage type of readOnly or permanent." DEFVAL { nonVolatile } ::= { ipsAuthIdentAttributesEntry 4 } ipsAuthIdentityName OBJECT IDENTIFIER ::= { ipsAuthObjects 4 } -- User Initiator Name Attributes Table ipsAuthIdentNameAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsAuthIdentNameAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of unique names that can be used to positively identify a particular user identity." ::= { ipsAuthIdentityName 1 } ipsAuthIdentNameAttributesEntry OBJECT-TYPE SYNTAX IpsAuthIdentNameAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (row) containing management information applicable to a unique identity name which can be used to identify a user identity within a particular authorization instance." INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthIdentNameIndex } ::= { ipsAuthIdentNameAttributesTable 1 } IpsAuthIdentNameAttributesEntry ::= SEQUENCE { ipsAuthIdentNameIndex Unsigned32, ipsAuthIdentName SnmpAdminString, ipsAuthIdentNameRowStatus RowStatus, ipsAuthIdentNameStorageType StorageType } ipsAuthIdentNameIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary integer used to uniquely identify a particular identity name instance within an ipsAuthIdentity within an authorization instance. This index value must not be modified or reused by an agent unless a reboot has occurred. An agent should attempt to keep this value persistent across reboots." ::= { ipsAuthIdentNameAttributesEntry 1 } ipsAuthIdentName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "A character string which is the unique name of an identity that may be used to identify this ipsAuthIdent entry." ::= { ipsAuthIdentNameAttributesEntry 2 } ipsAuthIdentNameRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This field allows entries to be dynamically added and removed from this table via SNMP. When adding a row to this table, all non-Index/RowStatus objects must be set. Rows may be discarded using RowStatus." ::= { ipsAuthIdentNameAttributesEntry 3 } ipsAuthIdentNameStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for all read-create objects in this row. Rows in this table that were created through an external process may have a storage type of readOnly or permanent." DEFVAL { nonVolatile } ::= { ipsAuthIdentNameAttributesEntry 4 } ipsAuthIdentityAddress OBJECT IDENTIFIER ::= { ipsAuthObjects 5 } -- User Initiator Address Attributes Table ipsAuthIdentAddrAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsAuthIdentAddrAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of address ranges that are allowed to serve as the endpoint addresses of a particular identity. An address range includes a starting and ending address and an optional netmask, and an address type indicator, which can specify whether the address is IPv4, IPv6, FC-WWPN, or FC-WWNN." ::= { ipsAuthIdentityAddress 1 } ipsAuthIdentAddrAttributesEntry OBJECT-TYPE SYNTAX IpsAuthIdentAddrAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (row) containing management information applicable to an address range which is used as part of the authorization of an identity within an authorization instance on this node." INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthIdentAddrIndex } ::= { ipsAuthIdentAddrAttributesTable 1 } IpsAuthIdentAddrAttributesEntry ::= SEQUENCE { ipsAuthIdentAddrIndex Unsigned32, ipsAuthIdentAddrType AddressFamilyNumbers, ipsAuthIdentAddrStart IpsAuthAddress, ipsAuthIdentAddrEnd IpsAuthAddress, ipsAuthIdentAddrRowStatus RowStatus, ipsAuthIdentAddrStorageType StorageType } ipsAuthIdentAddrIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary integer used to uniquely identify a particular ipsAuthIdentAddress instance within an ipsAuthIdentity within an authorization instance present on the node. This index value must not be modified or reused by an agent unless a reboot has occurred. An agent should attempt to keep this value persistent across reboots." ::= { ipsAuthIdentAddrAttributesEntry 1 } ipsAuthIdentAddrType OBJECT-TYPE SYNTAX AddressFamilyNumbers MAX-ACCESS read-create STATUS current DESCRIPTION "The type of Address in the ipsAuthIdentAddress start, end, and mask fields. This type is taken from the IANA address family types; more types may be registered independently of this MIB module." ::= { ipsAuthIdentAddrAttributesEntry 2 } ipsAuthIdentAddrStart OBJECT-TYPE SYNTAX IpsAuthAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The starting address of the allowed address range." ::= { ipsAuthIdentAddrAttributesEntry 3 } ipsAuthIdentAddrEnd OBJECT-TYPE SYNTAX IpsAuthAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The ending address of the allowed address range. If the ipsAuthIdentAddrEntry specifies a single address, this shall match the ipsAuthIdentAddrStart." ::= { ipsAuthIdentAddrAttributesEntry 4 } ipsAuthIdentAddrRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This field allows entries to be dynamically added and removed from this table via SNMP. When adding a row to this table, all non-Index/RowStatus objects must be set. Rows may be discarded using RowStatus." ::= { ipsAuthIdentAddrAttributesEntry 5 } ipsAuthIdentAddrStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for all read-create objects in this row. Rows in this table that were created through an external process may have a storage type of readOnly or permanent." DEFVAL { nonVolatile } ::= { ipsAuthIdentAddrAttributesEntry 6 } ipsAuthCredential OBJECT IDENTIFIER ::= { ipsAuthObjects 6 } -- Credential Attributes Table ipsAuthCredentialAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsAuthCredentialAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of credentials related to user identities that are allowed as valid authenticators of the particular identity." ::= { ipsAuthCredential 1 } ipsAuthCredentialAttributesEntry OBJECT-TYPE SYNTAX IpsAuthCredentialAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (row) containing management information applicable to a credential which verifies a user identity within an authorization instance." INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthCredIndex } ::= { ipsAuthCredentialAttributesTable 1 } IpsAuthCredentialAttributesEntry ::= SEQUENCE { ipsAuthCredIndex Unsigned32, ipsAuthCredAuthMethod AutonomousType, ipsAuthCredRowStatus RowStatus, ipsAuthCredStorageType StorageType } ipsAuthCredIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary integer used to uniquely identify a particular Credential instance within an instance present on the node. This index value must not be modified or reused by an agent unless a reboot has occurred. An agent should attempt to keep this value persistent across reboots." ::= { ipsAuthCredentialAttributesEntry 1 } ipsAuthCredAuthMethod OBJECT-TYPE SYNTAX AutonomousType MAX-ACCESS read-create STATUS current DESCRIPTION "This object contains an OBJECT IDENTIFIER which identifies the authentication method used with this credential. Some standardized values for this object are defined within the ipsAuthMethods subtree." ::= { ipsAuthCredentialAttributesEntry 2 } ipsAuthCredRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This field allows entries to be dynamically added and removed from this table via SNMP. When adding a row to this table, all non-Index/RowStatus objects must be set. Rows may be discarded using RowStatus." ::= { ipsAuthCredentialAttributesEntry 3 } ipsAuthCredStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for all read-create objects in this row. Rows in this table that were created through an external process may have a storage type of readOnly or permanent." DEFVAL { nonVolatile } ::= { ipsAuthCredentialAttributesEntry 4 } ipsAuthCredChap OBJECT IDENTIFIER ::= { ipsAuthObjects 7 } -- Credential Chap-Specific Attributes Table ipsAuthCredChapAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsAuthCredChapAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of CHAP attributes for credentials that use ipsAuthMethodChap as its ipsAuthCredAuthMethod." ::= { ipsAuthCredChap 1 } ipsAuthCredChapAttributesEntry OBJECT-TYPE SYNTAX IpsAuthCredChapAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (row) containing management information applicable to a credential which uses ipsAuthMethodChap as their ipsAuthCredAuthMethod." INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthCredIndex } ::= { ipsAuthCredChapAttributesTable 1 } IpsAuthCredChapAttributesEntry ::= SEQUENCE { ipsAuthCredChapUserName SnmpAdminString, ipsAuthCredChapRowStatus RowStatus, ipsAuthCredChapStorageType StorageType } ipsAuthCredChapUserName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "A character string containing the CHAP user name for this credential." REFERENCE "W. Simpson, RFC 1994: PPP Challenge Handshake Authentication Protocol (CHAP), August 1996" ::= { ipsAuthCredChapAttributesEntry 1 } ipsAuthCredChapRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This field allows entries to be dynamically added and removed from this table via SNMP. When adding a row to this table, all non-Index/RowStatus objects must be set. Rows may be discarded using RowStatus." ::= { ipsAuthCredChapAttributesEntry 2 } ipsAuthCredChapStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for all read-create objects in this row. Rows in this table that were created through an external process may have a storage type of readOnly or permanent." DEFVAL { nonVolatile } ::= { ipsAuthCredChapAttributesEntry 3 } ipsAuthCredSrp OBJECT IDENTIFIER ::= { ipsAuthObjects 8 } -- Credential Srp-Specific Attributes Table ipsAuthCredSrpAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsAuthCredSrpAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of SRP attributes for credentials that use ipsAuthMethodSrp as their ipsAuthCredAuthMethod." ::= { ipsAuthCredSrp 1 } ipsAuthCredSrpAttributesEntry OBJECT-TYPE SYNTAX IpsAuthCredSrpAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (row) containing management information applicable to a credential which uses ipsAuthMethodSrp as its ipsAuthCredAuthMethod." INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthCredIndex } ::= { ipsAuthCredSrpAttributesTable 1 } IpsAuthCredSrpAttributesEntry ::= SEQUENCE { ipsAuthCredSrpUserName SnmpAdminString, ipsAuthCredSrpRowStatus RowStatus, ipsAuthCredSrpStorageType StorageType } ipsAuthCredSrpUserName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "A character string containing the SRP user name for this credential." REFERENCE "T. Wu, RFC 2945: The SRP Authentication and Key Exchange System, September 2000" ::= { ipsAuthCredSrpAttributesEntry 1 } ipsAuthCredSrpRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This field allows entries to be dynamically added and removed from this table via SNMP. When adding a row to this table, all non-Index/RowStatus objects must be set. Rows may be discarded using RowStatus." ::= { ipsAuthCredSrpAttributesEntry 2 } ipsAuthCredSrpStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for all read-create objects in this row. Rows in this table that were created through an external process may have a storage type of readOnly or permanent." DEFVAL { nonVolatile } ::= { ipsAuthCredSrpAttributesEntry 3 } ipsAuthCredKerberos OBJECT IDENTIFIER ::= { ipsAuthObjects 9 } -- Credential Kerberos-Specific Attributes Table ipsAuthCredKerbAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsAuthCredKerbAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of Kerberos attributes for credentials that use ipsAuthMethodKerberos as their ipsAuthCredAuthMethod." ::= { ipsAuthCredKerberos 1 } ipsAuthCredKerbAttributesEntry OBJECT-TYPE SYNTAX IpsAuthCredKerbAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (row) containing management information applicable to a credential which uses ipsAuthMethodKerberos as its ipsAuthCredAuthMethod." INDEX { ipsAuthInstIndex, ipsAuthIdentIndex, ipsAuthCredIndex } ::= { ipsAuthCredKerbAttributesTable 1 } IpsAuthCredKerbAttributesEntry ::= SEQUENCE { ipsAuthCredKerbPrincipal SnmpAdminString, ipsAuthCredKerbRowStatus RowStatus, ipsAuthCredKerbStorageType StorageType } ipsAuthCredKerbPrincipal OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "A character string containing a Kerberos principal for this credential." REFERENCE "J. Kohl, C. Neuman, RFC 1510: The Kerberos Network Authentication Service (V5), September 1993" ::= { ipsAuthCredKerbAttributesEntry 1 } ipsAuthCredKerbRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This field allows entries to be dynamically added and removed from this table via SNMP. When adding a row to this table, all non-Index/RowStatus objects must be set. Rows may be discarded using RowStatus." ::= { ipsAuthCredKerbAttributesEntry 2 } ipsAuthCredKerbStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for all read-create objects in this row. Rows in this table that were created through an external process may have a storage type of readOnly or permanent." DEFVAL { nonVolatile } ::= { ipsAuthCredKerbAttributesEntry 3 } --****************************************************************** -- Notifications -- There are no notifications necessary in this MIB module. --****************************************************************** -- Conformance Statements ipsAuthCompliances OBJECT IDENTIFIER ::= { ipsAuthConformance 1 } ipsAuthGroups OBJECT IDENTIFIER ::= { ipsAuthConformance 2 } ipsAuthInstanceAttributesGroup OBJECT-GROUP OBJECTS { ipsAuthInstDescr, ipsAuthInstStorageType } STATUS current DESCRIPTION "A collection of objects providing information about authorization instances." ::= { ipsAuthGroups 1 } ipsAuthIdentAttributesGroup OBJECT-GROUP OBJECTS { ipsAuthIdentDescription, ipsAuthIdentRowStatus, ipsAuthIdentStorageType } STATUS current DESCRIPTION "A collection of objects providing information about user identities within an authorization instance." ::= { ipsAuthGroups 2 } ipsAuthIdentNameAttributesGroup OBJECT-GROUP OBJECTS { ipsAuthIdentName, ipsAuthIdentNameRowStatus, ipsAuthIdentNameStorageType } STATUS current DESCRIPTION "A collection of objects providing information about user names within user identities within an authorization instance." ::= { ipsAuthGroups 3 } ipsAuthIdentAddrAttributesGroup OBJECT-GROUP OBJECTS { ipsAuthIdentAddrType, ipsAuthIdentAddrStart, ipsAuthIdentAddrEnd, ipsAuthIdentAddrRowStatus, ipsAuthIdentAddrStorageType } STATUS current DESCRIPTION "A collection of objects providing information about address ranges within user identities within an authorization instance." ::= { ipsAuthGroups 4 } ipsAuthIdentCredAttributesGroup OBJECT-GROUP OBJECTS { ipsAuthCredAuthMethod, ipsAuthCredRowStatus, ipsAuthCredStorageType } STATUS current DESCRIPTION "A collection of objects providing information about credentials within user identities within an authorization instance." ::= { ipsAuthGroups 5 } ipsAuthIdentChapAttrGroup OBJECT-GROUP OBJECTS { ipsAuthCredChapUserName, ipsAuthCredChapRowStatus, ipsAuthCredChapStorageType } STATUS current DESCRIPTION "A collection of objects providing information about CHAP credentials within user identities within an authorization instance." ::= { ipsAuthGroups 6 } ipsAuthIdentSrpAttrGroup OBJECT-GROUP OBJECTS { ipsAuthCredSrpUserName, ipsAuthCredSrpRowStatus, ipsAuthCredSrpStorageType } STATUS current DESCRIPTION "A collection of objects providing information about SRP credentials within user identities within an authorization instance." ::= { ipsAuthGroups 7 } ipsAuthIdentKerberosAttrGroup OBJECT-GROUP OBJECTS { ipsAuthCredKerbPrincipal, ipsAuthCredKerbRowStatus, ipsAuthCredKerbStorageType } STATUS current DESCRIPTION "A collection of objects providing information about Kerberos credentials within user identities within an authorization instance." ::= { ipsAuthGroups 8 } --****************************************************************** ipsAuthComplianceV1 MODULE-COMPLIANCE STATUS current DESCRIPTION "Initial version of compliance statement based on initial version of this MIB module. The Instance and Identity groups are mandatory; at least one of the other groups (Name, Address, Credential, Certificate) is also mandatory for any given implementation." MODULE -- this module MANDATORY-GROUPS { ipsAuthInstanceAttributesGroup, ipsAuthIdentAttributesGroup } -- Conditionally mandatory groups to be included with -- the mandatory groups when necessary. GROUP ipsAuthIdentNameAttributesGroup DESCRIPTION "This group is mandatory for all implementations that make use of unique identity names." GROUP ipsAuthIdentAddrAttributesGroup DESCRIPTION "This group is mandatory for all implementations that use addresses to help verify identities." GROUP ipsAuthIdentCredAttributesGroup DESCRIPTION "This group is mandatory for all implementations that use credentials to help verify identities." GROUP ipsAuthIdentChapAttrGroup DESCRIPTION "This group is mandatory for all implementations that use CHAP to help verify identities. The ipsAuthIdentCredAttributesGroup must be implemented if this group is implemented." GROUP ipsAuthIdentSrpAttrGroup DESCRIPTION "This group is mandatory for all implementations that use SRP to help verify identities. The ipsAuthIdentCredAttributesGroup must be implemented if this group is implemented." GROUP ipsAuthIdentKerberosAttrGroup DESCRIPTION "This group is mandatory for all implementations that use Kerberos to help verify identities. The ipsAuthIdentCredAttributesGroup must be implemented if this group is implemented." OBJECT ipsAuthInstDescr MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthInstStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthIdentDescription MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthIdentRowStatus SYNTAX INTEGER { active(1) } -- subset of RowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required, and only one of the six enumerated values for the RowStatus textual convention need be supported, specifically: active(1)." OBJECT ipsAuthIdentName MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthIdentNameRowStatus SYNTAX INTEGER { active(1) } -- subset of RowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required, and only one of the six enumerated values for the RowStatus textual convention need be supported, specifically: active(1)." OBJECT ipsAuthIdentAddrType MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthIdentAddrStart MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthIdentAddrEnd MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthIdentAddrRowStatus SYNTAX INTEGER { active(1) } -- subset of RowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required, and only one of the six enumerated values for the RowStatus textual convention need be supported, specifically: active(1)." OBJECT ipsAuthCredAuthMethod MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthCredRowStatus SYNTAX INTEGER { active(1) } -- subset of RowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required, and only one of the six enumerated values for the RowStatus textual convention need be supported, specifically: active(1)." OBJECT ipsAuthCredChapUserName MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthCredChapRowStatus SYNTAX INTEGER { active(1) } -- subset of RowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required, and only one of the six enumerated values for the RowStatus textual convention need be supported, specifically: active(1)." OBJECT ipsAuthCredSrpUserName MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthCredSrpRowStatus SYNTAX INTEGER { active(1) } -- subset of RowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required, and only one of the six enumerated values for the RowStatus textual convention need be supported, specifically: active(1)." OBJECT ipsAuthCredKerbPrincipal MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT ipsAuthCredKerbRowStatus SYNTAX INTEGER { active(1) } -- subset of RowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required, and only one of the six enumerated values for the RowStatus textual convention need be supported, specifically: active(1)." ::= { ipsAuthCompliances 1 } END