CcreRuleEntry |
|
SEQUENCE |
|
|
|
|
ccreRuleNumber |
Unsigned32 |
|
|
ccreRuleFeatureElementName |
SnmpAdminString |
|
|
ccreRuleFeatureElementType |
INTEGER |
|
|
ccreRuleOperation |
CcreOperation |
|
|
ccreRuleOperationPermitted |
TruthValue |
|
|
ccreRuleRowStatus |
RowStatus |
|
ccreFeatureElementEntry |
1.3.6.1.4.1.9.9.651.1.1.1.1 |
An entry (conceptual row) in the ccreFeatureElementTable.
Each row in this table represents an element (command
or a feature) contained in a feature or a feature group.
For example a 'radius' feature that contains three
commands - 'radius-server', 'radius-cfs' and
'aaa group server radius', this table
will have three entries, one each for the three
commands.
ccreFeatureName ccreFeatureIndex ccreFeatureElementName
'radius' 1 'radius-server'
'radius' 2 'radius-cfs'
'radius' 3 'aaa group server radius'
'arp' 1 'show arp'
'arp' 2 'clear ip arp' |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CcreFeatureElementEntry |
|
|
ccreRoleEntry |
1.3.6.1.4.1.9.9.651.1.2.2.1 |
An entry (conceptual row) in the ccreRoleTable.
One entry per role defined on the device. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CcreRoleEntry |
|
|
ccreRoleScopeTable |
1.3.6.1.4.1.9.9.651.1.2.3 |
This table lists the resources to which a user belonging
to a role can access.
A role may be restricted from accessing various
resources of a device. This table lists the resources
that a role can access.
If for a role there is no entry in this table, then
restriction, if any, is determined by the
ccrePermitAllPolicies object in the ccreRoleTable.
Each resource (VSAN, VLAN or Interface) to which a role
has access to, has a separate entry in the table.
For e.g. if a role has access to VLAN 1, 2, 6 and 7;
VSAN 2, 5 and 8 and interface 2/1 and 2/3, this table
will have 9 entries, 4 for VSANs, 3 for VLANs and 2 for
Interfaces.
Entries in this table can be created/deleted using
ccreRoleScopeRowStatus.
The table provides the same information as
'commonRoleScopeRestriction', 'commonRoleScope1' and
'commonRoleScope2' but in a different way.
The object 'commonRoleScope1' and 'commonRoleScope2'
are 256*8 bit mask with each bit representing a VLAN.
'commonRoleScope1' identifies VLANS 1 to 2048 whereas
'commonRoleScope2' identifies VLANS 2049 to 4096.
In this table, there is a separate entry for each VSAN,
along with separate entry for each VLAN and Interface
to which a role has access. The purpose of this table
is to remove the limit of 4096 that are supported by
'commonRoleTable'.
All entries in this table are persistent across device
reboots |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
CcreRoleScopeEntry |
|
ccreRoleScopeEntry |
1.3.6.1.4.1.9.9.651.1.2.3.1 |
An entry (conceptual row) in the ccreRoleScopeTable.
There is one entry for each different scope value of a
Role. If a Role 'R1' is defined to have scope on
VSAN-1, VSAN-2, VLAN-1, VLAN#, Interface fc1/1 and
fc1/2, then there will be six entries for role 'R1' in
this table, one each for VSAN-1, VSAN2, VLAN-1, VLAN-1,
fc1/1 and fc1/2. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CcreRoleScopeEntry |
|
|
ccreRuleEntry |
1.3.6.1.4.1.9.9.651.1.3.2.1 |
An entry (conceptual row) in the ccreRuleRuleTable.
There is one entry for each Rule contained in a Role.
For eg. if a Role 'R1' has 6 rules, there will be
six entries for Role 'R1'. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CcreRuleEntry |
|
|