mibs/MIBS/awplus/AT-USER-MIB

364 lines
12 KiB
Plaintext
Raw Permalink Normal View History

2023-12-05 12:25:34 +01:00
-- ============================================================================
-- AT-USER.MIB, Allied Telesis enterprise MIB:USER
--
-- Copyright (c) 2008 by Allied Telesis, Inc.
-- All rights reserved.
--
-- ============================================================================
AT-USER-MIB DEFINITIONS ::= BEGIN
IMPORTS
sysinfo
FROM AT-SMI-MIB
Unsigned32, OBJECT-TYPE, MODULE-IDENTITY
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC;
user MODULE-IDENTITY
LAST-UPDATED "201209210000Z"
ORGANIZATION
"Allied Telesis, Inc."
CONTACT-INFO
" http://www.alliedtelesis.com"
DESCRIPTION
"The AT-USER MIB contains objects for displaying information of
users currently logged into a device, or configured in the local
user data base of the device."
REVISION "201209210000Z"
DESCRIPTION
"Added chassis switch (e.g. SBx8100) descriptions to stack-related MIB objects"
REVISION "201009070000Z"
DESCRIPTION
"Generic syntax tidy up"
REVISION "201006150015Z"
DESCRIPTION
"MIB revision history dates in descriptions updated."
REVISION "201006080000Z"
DESCRIPTION
"Add objects for strong passwords information."
REVISION "200810161200Z"
DESCRIPTION
"Add objects for local user data base information."
REVISION "200808260000Z"
DESCRIPTION
"Initial version."
::= { sysinfo 20 }
--
-- Node definitions
--
userInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF UserInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of information about users. Each entry in the table
represents a user currently logged into the device."
::= { user 1 }
userInfoEntry OBJECT-TYPE
SYNTAX UserInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information on a user currently logged into the device."
INDEX { userInfoType, userInfoIndex }
::= { userInfoTable 1 }
UserInfoEntry ::=
SEQUENCE {
userInfoType
INTEGER,
userInfoIndex
Unsigned32,
userInfoUserName
DisplayString,
userInfoPrivilegeLevel
Unsigned32,
userInfoIdleTime
DisplayString,
userInfoLocation
DisplayString,
userInfoPasswordLifetime
DisplayString,
userInfoPasswordLastChange
DisplayString
}
userInfoType OBJECT-TYPE
SYNTAX INTEGER
{
console(1),
aux(2),
telnet(3),
script(4),
stack(5)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The type of connection through which the user logged into
the device:
- console (1)
- aux (2)
- telnet (3)
- script (4)
- stack or back-up CFC console (5)"
::= { userInfoEntry 1 }
userInfoIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..16)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of the line upon which the user logged into
the device."
::= { userInfoEntry 2 }
userInfoUserName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the user name of the user
currently logged into the device."
::= { userInfoEntry 3 }
userInfoPrivilegeLevel OBJECT-TYPE
SYNTAX Unsigned32 (1..15)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the privilege level the user is granted."
::= { userInfoEntry 4 }
userInfoIdleTime OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the amount of time since the user was last
active. It is in the form of hh:mm:ss."
::= { userInfoEntry 5 }
userInfoLocation OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the location or login method of the user.
It can be an IP address used by the user to telnet into the device,
or an asyn port, etc."
::= { userInfoEntry 6 }
userInfoPasswordLifetime OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of days remaining until the users
password expires. Depending on the current user setting it will
either display a string of:
'No Expiry' - password will never expire (default);
'x days' where x is the remaining lifetime of the current password - the
maximum lifetime value is 1000 days;
'-x days (expired)' indicates that the current password expired 'x' days ago."
::= { userInfoEntry 7 }
userInfoPasswordLastChange OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates, in days, the last time the password was
altered."
::= { userInfoEntry 8 }
userConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF UserConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of user configuration information. Each entry
in the table represents a user configured in the local user
data base of the device."
::= { user 2 }
userConfigEntry OBJECT-TYPE
SYNTAX UserConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A conceptual entry in the userConfigTable."
INDEX { userConfigIndex }
::= { userConfigTable 1 }
UserConfigEntry ::=
SEQUENCE {
userConfigIndex
Unsigned32,
userConfigUsername
DisplayString,
userConfigPrivilegeLevel
Unsigned32
}
userConfigIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index used to identify entries in the userConfigTable."
::= { userConfigEntry 1 }
userConfigUsername OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the user's name in configuration."
::= { userConfigEntry 2 }
userConfigPrivilegeLevel OBJECT-TYPE
SYNTAX Unsigned32 (1..15)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the user's privilege level in configuration."
::= { userConfigEntry 3 }
userSecurityPasswordRules OBJECT IDENTIFIER ::= { user 3 }
userSecurityPasswordHistory OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the number of previous passwords that will be
retained for comparison when a new password is created for the user.
The password must be unique when compared against the previous history.
A value of 0 represents 'No Restriction' - default.
The maximum number of retained passwords is 15."
::= { userSecurityPasswordRules 1 }
userSecurityPasswordLifetime OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the maximum time interval (days) that the
password may persist for before a change is required.
A value of 0 represents 'No Expiry' - default.
The maximum value is 1000 days."
::= { userSecurityPasswordRules 2 }
userSecurityPasswordWarning OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the number of days before the password
expires that a warning message will be displayed when the user logs on.
A value of 0 indicates 'No Warning' - default.
The maximum value is 1000 but must always be less than the password
lifetime."
::= { userSecurityPasswordRules 3 }
userSecurityPasswordMinLength OBJECT-TYPE
SYNTAX Unsigned32 (1..23)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the minimum password length that the password
must satisfy to be considered valid.
The default value is 1."
::= { userSecurityPasswordRules 4 }
userSecurityPasswordMinCategory OBJECT-TYPE
SYNTAX Unsigned32 (1..4)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the minimum number of different categories
that the password must satisfy to be considered valid.
Categories are split into four groups:
upper-case letters; lower-case letters; digits; special symbols.
For example, combinations of: ABCD (1 category), ABCDabcd (2 categories),
ABCD1111 (2 categories), abcd#$# (2 categories), Aa1# (4 categories).
The default value is 1."
::= { userSecurityPasswordRules 5 }
userSecurityPasswordForced OBJECT-TYPE
SYNTAX INTEGER
{
enabled(1),
disabled(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents whether or not a user with an expired password
should be forced to alter their password at the next log-on. When a user
logs on with an expired password the system will either reject the log-on
attempt or if allowed to log-on then the user may be forced to update
their password immediately depending on this setting.
This functionality is only valid for administrative users.
The default value is disabled."
::= { userSecurityPasswordRules 6 }
userSecurityPasswordReject OBJECT-TYPE
SYNTAX INTEGER
{
enabled(1),
disabled(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents whether or not a user log-on attempt with an expired
password will be rejected. If they are not rejected then the user will
be allowed to log-on. They may have to alter their password immediately
based on the forced setting.
This functionality is only valid for administrative users. The passwords of
non-administrative users will never expire.
The default value is disabled."
::= { userSecurityPasswordRules 7 }
END
--
-- at-user.mib
--