CISCO-SNMP-VACM-EXT-MIB

File: CISCO-SNMP-VACM-EXT-MIB.mib (8589 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMPv2-TC
SNMP-FRAMEWORK-MIB SNMP-VIEW-BASED-ACM-MIB CISCO-SMI

Imported symbols

MODULE-IDENTITY OBJECT-TYPE MODULE-COMPLIANCE
OBJECT-GROUP RowStatus StorageType
SnmpAdminString vacmSecurityModel vacmSecurityName
ciscoMgmt

Defined Types

CvacmSecurityToGroupEntry  
SEQUENCE    
  cvacmSecurityGrpName SnmpAdminString
  cvacmSecurityGrpStorageType StorageType
  cvacmSecurityGrpStatus RowStatus

Defined Values

ciscoSnmpVacmExtMIB 1.3.6.1.4.1.9.9.409
The management information definitions to extend the View-based Access Control Model (RFC3415) for SNMP. This MIB extends the 'SNMP-VIEW-BASED-ACM-MIB' to allow each combination of a 'securityModel' and a 'securityName' to be mapped into additional groupNames. The groups identified by these mappings are in addition to those identified by 'vacmGroupName' of the 'vacmSecurityToGroupTable'.
MODULE-IDENTITY    

ciscoSnmpVacmExtMIBObjects 1.3.6.1.4.1.9.9.409.1
OBJECT IDENTIFIER    

ciscoSnmpVacmExtMIBConformance 1.3.6.1.4.1.9.9.409.2
OBJECT IDENTIFIER    

cvacmSecurityToGroupTable 1.3.6.1.4.1.9.9.409.1.1
An Extension table to the 'vacmSecurityToGroupTable' defined in 'SNMP-VIEW-BASED-ACM-MIB. This table provides a mechanism to map a combination of 'securityModel' and 'securityName' into one or more groups in addition to the 'vacmGroupName' mapped in the 'vacmSecurityToGroupTable'. These groups provide additional access control policies for a principal. The agent must allow the same group mapping entry to be present in both the 'cvacmSecurityToGroupTable' and the 'vacmSecurityToGroupTable'. A row in this table can not exist without a corresponding row for the same combination of 'securityModel' and 'securityName in the 'vacmSecurityToGroupTable'. While creating a row in this table, if there is no corresponding row for the same combination of 'securityModel' and 'securityName in the 'vacmSecurityToGroupTable', the same mapping entry in is created in the 'vacmSecurityToGroupTable' by the agent using the values of instance variables of the entry in this table. The deletion of a row in the 'vacmSecurityToGroupTable' also causes the deletion of all the group mapping entries for the same combination of 'vacmSecurityModel' and 'vacmSecurityName' in the 'cvacmSecurityToGroupTable'. The deletion of a row in this table does not affect 'vacmSecurityToGroupTable'entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CvacmSecurityToGroupEntry

cvacmSecurityToGroupEntry 1.3.6.1.4.1.9.9.409.1.1.1
An entry (conceptual row) in the 'cvacmSecurityToGroupTable'. Each row represents one groupName mapping for the combination of 'securityModel' and 'securityName' in the system.
OBJECT-TYPE    
  CvacmSecurityToGroupEntry  

cvacmSecurityGrpName 1.3.6.1.4.1.9.9.409.1.1.1.1
The name of the group for the mapping represented by this row. This is in addition to the 'vacmGroupName' mapped in the 'vacmSecurityToGroupTable'. For example a user principal represented by 'securityName' maps to a group represented by 'cvacmSecurityGrpName' under a security model represented by 'securityModel'. This groupName is used as index into the 'vacmAccessTable' to select an access control policy. However, a value in this table does not imply that an instance with the value exists in table 'vacmAccesTable'.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

cvacmSecurityGrpStorageType 1.3.6.1.4.1.9.9.409.1.1.1.2
The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row.
OBJECT-TYPE    
  StorageType  

cvacmSecurityGrpStatus 1.3.6.1.4.1.9.9.409.1.1.1.3
The status of this conceptual row. The value of this object has no effect on whether other objects in this conceptual row can be modified.
OBJECT-TYPE    
  RowStatus  

ciscoSnmpVacmExtMIBCompliances 1.3.6.1.4.1.9.9.409.2.1
OBJECT IDENTIFIER    

ciscoSnmpVacmExtMIBGroups 1.3.6.1.4.1.9.9.409.2.2
OBJECT IDENTIFIER    

ciscoSnmpVacmExtMIBCompliance 1.3.6.1.4.1.9.9.409.2.1.1
Only 'active', 'createAndGo' and 'destroy' are needed to be supported.
MODULE-COMPLIANCE    
  cvacmSecurityGrpStatus INTEGER active(1), createAndGo(4), destroy(6)

ciscoSnmpVacmExtGroup 1.3.6.1.4.1.9.9.409.2.2.1
A collection of objects providing for remote configuration of an SNMP engine which extends the SNMP View-based Access Control Model.
OBJECT-GROUP