Name | Data Type | Qualifiers |
Name | Data Type | Value | Scope | Flavors |
AuthenticationProtocol | uint16 |
Description | string | AuthenticationProtocol shall indicate the desired EAP (Extensible Authentication Protocol) type.
* EAP-TLS (0): shall indicate that the desired EAP type is the Transport Layer Security EAP type specified in RFC 2716. If AuthenticationProtocol contains 0, Username should not be null, ServerCertificateName and ServerCertificateNameComparison may be null or not null, and RoamingIdentity, Password, Domain, ProtectedAccessCredential, PACPassword, and PSK should be null.
* EAP-TTLS/MSCHAPv2 (1): shall indicate that the desired EAP type is the Tunneled TLS Authentication Protocol EAP type specified in draft-ietf-pppext-eap-ttls, with Microsoft PPP CHAP Extensions, Version 2 (MSCHAPv2) as the inner authentication method. If AuthenticationProtocol contains 1, Username and Password should not be null, RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, and Domain may be null or not null, and ProtectedAccessCredential, PACPassword, and PSK should be null.
* PEAPv0/EAP-MSCHAPv2 (2): shall indicate that the desired EAP type is the Protected Extensible Authentication Protocol (PEAP) Version 0 EAP type specified in draft-kamath-pppext-peapv0, with Microsoft PPP CHAP Extensions, Version 2 (MSCHAPv2) as the inner authentication method. If AuthenticationProtocol contains2, Username and Password should not be null, RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, and Domain may be null or not null, and ProtectedAccessCredential, PACPassword, and PSK should be null.
* PEAPv1/EAP-GTC (3): shall indicate that the desired EAP type is the Protected Extensible Authentication Protocol (PEAP) Version 1 EAP type specified in draft-josefsson-pppext-eap-tls-eap, with Generic Token Card (GTC) as the inner authentication method. If AuthenticationProtocol contains 3, Username and Password should not be null, RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, and Domain may be null or not null, and ProtectedAccessCredential, PACPassword, and PSK should be null.
* EAP-FAST/MSCHAPv2 (4): shall indicate that the desired EAP type is the Flexible Authentication Extensible Authentication Protocol EAP type specified in IETF RFC 4851, with Microsoft PPP CHAP Extensions, Version 2 (MSCHAPv2) as the inner authentication method. If AuthenticationProtocol contains 4, Username and Password should not be null, RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, Domain, ProtectedAccessCredential, and PACPassword may be null or not null, and PSK should be null.
* EAP-FAST/GTC (5): shall indicate that the desired EAP type is the Flexible Authentication Extensible Authentication Protocol EAP type specified in IETF RFC 4851, with Generic Token Card (GTC) as the inner authentication method. If AuthenticationProtocol contains 5, Username and Password should not be null, RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, Domain, ProtectedAccessCredential, and PACPassword may be null or not null, and PSK should be null.
* EAP-MD5 (6): shall indicate that the desired EAP type is the EAP MD5 authentication method, specified in RFC 3748. If AuthenticationProtocol contains 6, Username and Password should not be null, Domain may be null or not null, and RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, ProtectedAccessCredential, PACPassword, and PSK should be null.
* EAP-PSK (7): shall indicate that the desired EAP type is the EAP-PSK (Pre-Shared Key) EAP type specified in RFC 4764. If AuthenticationProtocol contains 7, Username and PSK should not be null, Domain and RoamingIdentity may be null or not null, and Password, ServerCertificateName, ServerCertificateNameComparison, ProtectedAccessCredential, and PACPassword should be null.
* EAP-SIM (8): shall indicate that the desired EAP type is the Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM), specified in RFC 4186. If AuthenticationProtocol contains 8, Username and PSK should not be null, Domain and RoamingIdentity may be null or not null, and Password, ServerCertificateName, ServerCertificateNameComparison, ProtectedAccessCredential, and PACPassword should be null.
* EAP-AKA (9): shall indicate that the desired EAP type is the EAP Method for 3rd Generation Authentication and Key Agreement (EAP-AKA), specified in RFC 4187. If AuthenticationProtocol contains 9, Username and PSK should not be null, Domain and RoamingIdentity may be null or not null, and Password, ServerCertificateName, ServerCertificateNameComparison, ProtectedAccessCredential, and PACPassword should be null.
* EAP-FAST/TLS (10): shall indicate that the desired EAP type is the Flexible Authentication EAP type specified in IETF RFC 4851, with TLS as the inner authentication method. If AuthenticationProtocol contains 10, Username and Password should not be null, RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, Domain, ProtectedAccessCredential, and PACPassword may be null or not null, and PSK should be null. | None | TRANSLATABLE= true |
MappingStrings | string | RFC4017.IETF, RFC2716.IETF, draft-ietf-pppext-eap-ttls.IETF, draft-kamath-pppext-peapv0.IETF, draft-josefsson-pppext-eap-tls-eap, RFC4851.IETF, RFC3748.IETF, RFC4764.IETF, RFC4186.IETF, RFC4187.IETF | None | None |
ValueMap | string | 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.. | None | None |
Values | string | EAP-TLS, EAP-TTLS/MSCHAPv2, PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC, EAP-FAST/MSCHAPv2, EAP-FAST/GTC, EAP-MD5, EAP-PSK, EAP-SIM, EAP-AKA, EAP-FAST/TLS, DMTF Reserved | None | TRANSLATABLE= true |
Caption | string |
Description | string | The Caption property is a short textual description (one- line string) of the object. | None | TRANSLATABLE= true |
MaxLen | uint32 | 64 | None | None |
ChangeableType | uint16 |
Description | string | Enumeration indicating the type of setting. 0 "Not Changeable - Persistent" indicates the instance of SettingData represents primordial settings and shall not be modifiable. 1 "Changeable - Transient" indicates the SettingData represents modifiable settings that are not persisted. Establishing persistent settings from transient settings may be supported. 2 "Changeable - Persistent" indicates the SettingData represents a persistent configuration that may be modified. 3 "Not Changeable - Transient" indicates the SettingData represents a snapshot of the settings of the associated ManagedElement and is not persistent. | None | TRANSLATABLE= true |
Experimental | boolean | true | TOSUBCLASS= false | None |
ValueMap | string | 0, 1, 2, 3 | None | None |
Values | string | Not Changeable - Persistent, Changeable - Transient, Changeable - Persistent, Not Changeable - Transient | None | TRANSLATABLE= true |
ConfigurationName | string |
Description | string | An instance of CIM_SettingData may correspond to a well-known configuration that exists for an associated CIM_ManagedElement. If the ConfigurationName property is non-NULL, the instance of CIM_SettingData shall correspond to a well-known configuration for a Managed Element, the value of the ConfigurationName property shall be the name of the configuration, and the ChangeableType property shall have the value 0 or 2. A value of NULL for the ConfigurationName property shall mean that the instance of CIM_SettingData does not correspond to a well-known configuration for a Managed Element or that this information is unknown. | None | TRANSLATABLE= true |
Experimental | boolean | true | TOSUBCLASS= false | None |
Description | string |
Description | string | The Description property provides a textual description of the object. | None | TRANSLATABLE= true |
Domain | string |
Description | string | The domain (also known as realm) within which Username is unique. | None | TRANSLATABLE= true |
MappingStrings | string | draft-ietf-pppext-eap-ttls.IETF, draft-kamath-pppext-peapv0.IETF, draft-josefsson-pppext-eap-tls-eap, RFC4851.IETF, RFC3748.IETF, RFC4764.IETF, RFC4186.IETF, RFC4187.IETF | None | None |
ElementName | string |
Description | string | The user-friendly name for this instance of SettingData. In addition, the user-friendly name can be used as an index property for a search or query. (Note: The name does not have to be unique within a namespace.) | None | TRANSLATABLE= true |
Override | string | ElementName | TOSUBCLASS= false | None |
Required | boolean | true | None | OVERRIDABLE= false
|
Generation | uint64 |
Description | string | Generation is an optional, monotonically increasing property that may be used to identify a particular generation of the resource represented by this class.
If Generation is supported by the implementation, its value shall not be null.
Except as otherwise specified, a value (including null) of Generation specified at creation time shall be replaced by null if Generation is not supported by the implementation or shall be a, (possibly different), non-null value if the implementation does support Generation.
After creation and if supported, Generation shall be updated, at least once per access, whenever the represented resource is modified, regardless of the source of the modification.
Note: the Generation value only needs to be updated once between references, even if the resource is updated many times. The key point is to assure that it will be different if there have been updates, not to count each update.
Note: unless otherwise specified, the value of Generation within one instance is not required to be coordinated with the value of Generation in any other instance.
Note:the semantics of the instance, (as defined by its creation class), define the underlying resource. That underlying resource may be a collection or aggregation of resources. And, in that case, the semantics of the instance further define when updates to constituent resources also require updates to the Generation of the collective resource. Default behavior of composite aggregations should be to update the Generation of the composite whenever the Generation of a component is updated.
Subclasses may define additional requirements for updates on some or all of related instances.
For a particular instance, the value of Generation may wrap through zero, but the elapsed time between wraps shall be greater than 10's of years.
This class does not require Generation to be unique across instances of other classes nor across instances of the same class that have different keys. Generation shall be different across power cycles, resets, or reboots if any of those actions results in an update. Generation may be different across power cycles, resets, or reboots if those actions do not result in an update. If the Generation property of an instance is non-null, and if any attempt to update the instance includes the Generation property, then if it doesn't match the current value, the update shall fail.
The usage of this property is intended to be further specified by applicable management profiles.
Typically, a client will read the value of this property and then supply that value as input to an operation that modifies the instance in some means. This may be via an explicit parameter in an extrinsic method or via an embedded value in an extrinsic method or intrinsic operation.
For example: a profile may require that an intrinsic instance modification supply the Generation property and that it must match for the modification to succeed. | None | TRANSLATABLE= true |
Experimental | boolean | true | TOSUBCLASS= false | None |
InstanceID | string |
Description | string | Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following "preferred" algorithm:
<OrgID>:<LocalID>
Where <OrgID> and <LocalID> are separated by a colon (:), and where <OrgID> must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the <Schema Name>_<Class Name> structure of Schema class names.) In addition, to ensure uniqueness, <OrgID> must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between <OrgID> and <LocalID>.
<LocalID> is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If the above "preferred" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance.
For DMTF-defined instances, the "preferred" algorithm must be used with the <OrgID> set to CIM. | None | TRANSLATABLE= true |
Key | boolean | true | None | OVERRIDABLE= false
|
Override | string | InstanceID | TOSUBCLASS= false | None |
PACPassword | string |
Description | string | Optional password to extract the PAC (Protected Access Credential) information from the PAC data. | None | TRANSLATABLE= true |
MappingStrings | string | RFC4851.IETF | None | None |
Password | string |
Description | string | A password associated with the user identified by Username within Domain. | None | TRANSLATABLE= true |
MappingStrings | string | draft-ietf-pppext-eap-ttls.IETF, draft-kamath-pppext-peapv0.IETF, draft-josefsson-pppext-eap-tls-eap, RFC4851.IETF, RFC3748.IETF | None | None |
ProtectedAccessCredential | uint8 |
Description | string | A credential used by the supplicant and AAA server to establish a mutually authenticated encrypted tunnel for confidential user authentication. | None | TRANSLATABLE= true |
MappingStrings | string | RFC4851.IETF | None | None |
OctetString | boolean | true | None | OVERRIDABLE= false
|
PSK | uint8 |
Description | string | A pre-shared key used for pre-shared key EAP types such as EAP-PSK, EAP-SIM, and EAP-AKA. | None | TRANSLATABLE= true |
MappingStrings | string | RFC4764.IETF, RFC4186.IETF, RFC4187.IETF | None | None |
OctetString | boolean | true | None | OVERRIDABLE= false
|
RoamingIdentity | string |
Description | string | A string presented to the authentication server in 802.1x protocol exchange. The AAA server determines the format of this string. Formats supported by AAA servers include: <domain>\<username>, <username>@<domain>. | None | TRANSLATABLE= true |
ServerCertificateName | string |
Description | string | The name that shall be compared against the subject name field in the certificate provided by the AAA server. Shall contain either the fully qualified domain name of the AAA server, in which case ServerCertificateNameComparison shall contain "FullName", or the domain suffix of the AAA server, in which case ServerCertificateNameComparison shall contain "DomainSuffix". | None | TRANSLATABLE= true |
ModelCorrespondence | string | CIM_IEEE8021xSettings.ServerCertificateNameComparison | None | None |
ServerCertificateNameComparison | uint16 |
Description | string | The comparison algorithm that shall be used by the server to validate the subject name field of the certificate presented by the AAA server against the value of the ServerCertificateName property. | None | TRANSLATABLE= true |
ModelCorrespondence | string | CIM_IEEE8021xSettings.ServerCertificateName | None | None |
ValueMap | string | 1, 2, 3, 4.. | None | None |
Values | string | Other, FullName, DomainSuffix, DMTF Reserved | None | TRANSLATABLE= true |
Username | string |
Description | string | Identifies the user requesting access to the network. | None | TRANSLATABLE= true |
MappingStrings | string | RFC2716.IETF, draft-ietf-pppext-eap-ttls.IETF, draft-kamath-pppext-peapv0.IETF, draft-josefsson-pppext-eap-tls-eap, RFC4851.IETF, RFC3748.IETF, RFC4764.IETF, RFC4186.IETF, RFC4187.IETF | None | None |
Copyright © 2008-2010 VMware, Inc. All rights reserved.