// =================================================================== // Title: User-Security Roles 2.7 // Filename: User27_Role.mof // Version: 2.7.0 // Status: Final // Date: 03/31/2003 // =================================================================== // Copyright 2000-2003 Distributed Management Task Force, Inc. (DMTF). // All rights reserved. // DMTF is a not-for-profit association of industry members dedicated // to promoting enterprise and systems management and interoperability. // DMTF specifications and documents may be reproduced for uses // consistent with this purpose by members and non-members, // provided that correct attribution is given. // As DMTF specifications may be revised from time to time, // the particular version and release date should always be noted. // // Implementation of certain elements of this standard or proposed // standard may be subject to third party patent rights, including // provisional patent rights (herein "patent rights"). DMTF makes // no representations to users of the standard as to the existence // of such rights, and is not responsible to recognize, disclose, or // identify any or all such third party patent right, owners or // claimants, nor for any incomplete or inaccurate identification or // disclosure of such rights, owners or claimants. DMTF shall have no // liability to any party, in any manner or circumstance, under any // legal theory whatsoever, for failure to recognize, disclose, or // identify any such third party patent rights, or for such party's // reliance on the standard or incorporation thereof in its product, // protocols or testing procedures. DMTF shall have no liability to // any party implementing such standard, whether such implementation // is foreseeable or not, nor to any patent owner or claimant, and shall // have no liability or responsibility for costs or losses incurred if // a standard is withdrawn or modified after publication, and shall be // indemnified and held harmless by any party implementing the // standard from any and all claims of infringement by a patent owner // for such implementations. // // For information about patents held by third-parties which have // notified the DMTF that, in their opinion, such patent may relate to // or impact implementations of DMTF standards, visit // http://www.dmtf.org/about/policies/disclosures.php. // =================================================================== // Description: The User Model extends the management concepts that // are related to users and security. // This file defines the concepts and classes for roles. // // The object classes below are listed in an order that // avoids forward references. Required objects, defined // by other working groups, are omitted. // =================================================================== // Change Log for v2.7 // (ERRATA) CR855 - Change cardinality of the Antecedent from 0..1 // to 1 for MoreOrganizationInfo and MoreOrgUnitInfo // =================================================================== #pragma Locale ("en_US") // ================================================================== // Role // ================================================================== [Version ("2.6.0"), Description ( "The Role object class is used to represent a position or set of " "responsibilities within an organization, organizational unit or " "system administration scope and is filled by a person or persons " "(or non-human entities represented by ManagedSystemElement " "subclasses) that may be explicitly or implicitly members of this " "collection subclass. The class is defined so as to incorporate " "commonly-used LDAP attributes to permit implementations to " "easily derive this information from LDAP-accessible directories. " "The members of a role are frequently called role occupants. " "This class's properties are a subset of a related class, " "OtherRoleInformation, which defines all the group properties " "and in array form for directory compatibility.") ] class CIM_Role : CIM_Collection { [Key, MaxLen (256), Description ( "CreationClassName indicates the name of the class or the " "subclass used in the creation of an instance. When used " "with the other key properties of this class, this property " "allows all instances of this class and its subclasses to " "be uniquely identified.") ] string CreationClassName; [Key, MaxLen (1024),Description ( "The Name property defines the label by which the object is " "known. In the case of an LDAP-derived instance, the Name " "property value may be set to the distinguishedName of the " "LDAP-accessed object instance.") ] string Name; [MaxLen (128), Description ( "This property may be used to describe the kind of business " "activity performed by the members (role occupants) in the " "position or set of responsibilities represented by the " "Role.") ] string BusinessCategory; [Required, Description ( "A Common Name is a (possibly ambiguous) name by which the " "role is commonly known in some limited scope (such as an " "organization) and conforms to the naming conventions of the " "country or culture with which it is associated.") ] string CommonName; }; // ================================================================== // OtherRoleInformation // ================================================================== [Version ("2.6.0"), Description ( "The OtherRoleInformation class is used to provide additional " "information about an associated Role instance. This class is " "defined so as to incorporate commonly-used LDAP attributes to " "permit implementations to easily derive this information from " "LDAP-accessible directories.") ] class CIM_OtherRoleInformation : CIM_ManagedElement { [Key, MaxLen (256), Description ( "CreationClassName indicates the name of the class or the " "subclass used in the creation of an instance. When used " "with the other key properties of this class, this property " "allows all instances of this class and its subclasses to " "be uniquely identified.") ] string CreationClassName; [Key, MaxLen (1024),Description ( "The Name property defines the label by which the object is " "known. In the case of an LDAP-derived instance, the Name " "property value may be set to the distinguishedName of the " "LDAP-accessed object instance.") ] string Name; [Description ( "In the case of an LDAP-derived instance, the ObjectClass " "property value(s) may be set to the objectClass attribute " "values.") ] string ObjectClass[]; [MaxLen (128), Description ( "This property may be used to describe the kind of business " "activity performed by the members (role occupants) in the " "position or set of responsibilities represented by the " "Role.") ] string BusinessCategory[]; [Description ( "A Common Name is a (possibly ambiguous) name by which the " "role is commonly known in some limited scope (such as an " "organization) and conforms to the naming conventions of the " "country or culture with which it is associated.") ] string CommonName[]; [MaxLen (1024), Description ( "The Descriptions property values may contain human-readable " "descriptions of the object. In the case of an LDAP-derived " "instance, the description attribute may have multiple values " "that, therefore, cannot be placed in the inherited " "Description property.") ] string Descriptions[]; [MaxLen (128), Description ( "This property is used for the role occupants' telegram " "service.") ] string DestinationIndicator[]; [Description ( "The role occupants' facsimile telephone number.") ] string FacsimileTelephoneNumber[]; [MaxLen (16), Description ( "The role occupants' International ISDN number.") ] string InternationaliSDNNumber[]; [Description ( "The name of an organizational unit related to the role.") ] string OU[]; [MaxLen (128), Description ( "The Physical Delivery Office Name property specifies the name " "of the city, village, etc. where a physical delivery office " "is situated.") ] string PhysicalDeliveryOfficeName[]; [Description ( "The Postal Address property values specify the address " "information required for the physical delivery of postal " "messages by the postal authority to the role occupants.") ] string PostalAddress[]; [MaxLen (40), Description ( "The Postal Code property specifies the postal code for the " "role occupants. If this value is present it will be part of " "the object's postal address.") ] string PostalCode[]; [MaxLen (40), Description ( "The Post Office Box property specifies the Post Office Box " "by which the role occupants will receive physical postal " "delivery. If present, the property value is part of the " "object's postal address.") ] string PostOfficeBox[]; [Description ( "The Preferred Delivery Method property specifies the " "role occupants' preferred method to be used for contacting " "them in their role.") ] string PreferredDeliveryMethod; [Description ( "This property specifies a postal address suitable for receipt " "of telegrams or expedited documents, where it is necessary to " "have the recipient accept delivery.") ] string RegisteredAddress[]; [Description ( "In the case of an LDAP-derived instance, the See Also " "property specifies distinguishedName of other Directory " "objects which may be other aspects (in some sense) of the " "same real world object.") ] string SeeAlso[]; [Description ( "The State or Province Name property specifies a state or " "province.") ] string StateOrProvince[]; [MaxLen (128), Description ( "The Street Address property specifies a site for the local " "distribution and physical delivery in a postal address, i.e. " "the street name, place, avenue, and the number.") ] string Street[]; [MaxLen (32), Description ( "The Telephone Number property specifies a telephone number of " "the role occupants, e.g. + 44 582 10101).") ] string TelephoneNumber[]; [Description ( "The Teletex Terminal Identifier property specifies the " "Teletex terminal identifier (and, optionally, parameters) for " "a teletex terminal associated with the role occupants.") ] string TeletexTerminalIdentifier[]; [Description ( "The Telex Number property specifies the telex number, country " "code, and answerback code of a telex terminal for the " "role occupants.") ] string TelexNumber[]; [MaxLen (15), Description ( "An X.121 address for the role occupants.") ] string X121Address[]; }; // ================================================================== // MoreRoleInfo // ================================================================== [Association, Version ("2.7.0"), Description ( "CIM_MoreRoleInfo is an association used to extend the " "information in a CIM_Role class instance.") ] class CIM_MoreRoleInfo : CIM_Dependency { [Min (1), Max (1), Override ("Antecedent"), Description ("The Role which has more information.") ] CIM_Role REF Antecedent; [Max (1), Override ("Dependent"), Description ("Additional data concerning the Role.") ] CIM_OtherRoleInformation REF Dependent; }; // ================================================================== // SystemAdministratorRole // ================================================================== [Association, Version ("2.6.0"), Description ( "CIM_SystemAdministratorRole is an association used to identify " "a system administrator Role for a CIM_System.") ] class CIM_SystemAdministratorRole : CIM_Dependency { [Override ("Antecedent"), Description ("The administered system.") ] CIM_System REF Antecedent; [Override ("Dependent"), Description ("The system administration role.") ] CIM_Role REF Dependent; }; // =================================================================== // end of file // ===================================================================