104 karl 1.1 //
105 // ===================================================================
106
107 // ===================================================================
108 // === Pragmas ===
109 // ===================================================================
110 #pragma Locale ("en_US")
111
112
113
114 // ==================================================================
115 // === Data class definitions ===
116 // ==================================================================
117
118
119 // ==================================================================
120 // Group
121 // ==================================================================
122 [Description (
123 "The Group class is used to collect ManagedElements into groups. "
124 "This class is defined so as to incorporate commonly-used LDAP "
125 karl 1.1 "attributes to permit implementations to easily derive this "
126 "information from LDAP-accessible directories. This class's "
127 "properties are a subset of a related class, "
128 "OtherGroupInformation, which defines all the group properties "
129 "and in array form for directory compatibility." ) ]
130 class CIM_Group : CIM_Collection
131 {
132 [Key, MaxLen (256), Description (
133 "CreationClassName indicates the name of the class or the "
134 "subclass used in the creation of an instance. When used "
135 "with the other key properties of this class, this property "
136 "allows all instances of this class and its subclasses to "
137 "be uniquely identified.")]
138 string CreationClassName;
139 [Key, MaxLen (1024), Description (
140 "The Name property defines the label by which the object is "
141 "known. In the case of an LDAP-derived instance, the Name "
142 "property value may be set to the distinguishedName of the "
143 "LDAP-accessed object instance.")]
144 string Name;
145 [MaxLen (128), Description (
146 karl 1.1 "The BusinessCategory property may be used to describe the "
147 "kind of business activity performed by the members of the "
148 "group.")]
149 string BusinessCategory;
150 [Required, Description (
151 "A Common Name is a (possibly ambiguous) name by which the "
152 "group is commonly known in some limited scope (such as an "
153 "organization) and conforms to the naming conventions of the "
154 "country or culture with which it is associated.")]
155 string CommonName;
156 };
157
158 // ==================================================================
159 // OtherGroupInformation
160 // ==================================================================
161 [Description (
162 "The OtherGroupInformation class provides additional information "
163 "about an associated Group instance. This class is defined so as "
164 "to incorporate commonly-used LDAP attributes to permit "
165 "implementations to easily derive this information from "
166 "LDAP-accessible directories.") ]
167 karl 1.1 class CIM_OtherGroupInformation : CIM_ManagedElement
168 {
169 [Key, MaxLen (256), Description (
170 "CreationClassName indicates the name of the class or the "
171 "subclass used in the creation of an instance. When used "
172 "with the other key properties of this class, this property "
173 "allows all instances of this class and its subclasses to "
174 "be uniquely identified.")]
175 string CreationClassName;
176 [Key, MaxLen (1024), Description (
177 "The Name property defines the label by which the object is "
178 "known. In the case of an LDAP-derived instance, the Name "
179 "property value may be set to the distinguishedName of the "
180 "LDAP-accessed object instance.")]
181 string Name;
182 [Description (
183 "In the case of an LDAP-derived instance, the ObjectClass "
184 "property value(s) may be set to the objectClass attribute "
185 "values.")]
186 string ObjectClass[];
187 [MaxLen (128), Description (
188 karl 1.1 "The BusinessCategory property may be used to describe the "
189 "kind of business activity performed by the members of the "
190 "group.")]
191 string BusinessCategory[];
192 [Description (
193 "A Common Name is a (possibly ambiguous) name by which the "
194 "group is commonly known in some limited scope (such as an "
195 "organization) and conforms to the naming conventions of the "
196 "country or culture with which it is associated.")]
197 string CommonName[];
198 [MaxLen (1024), Description (
199 "The Descriptions property values may contain human-readable "
200 "descriptions of the object. In the case of an LDAP-derived "
201 "instance, the description attribute may have multiple values "
202 "that, therefore, cannot be placed in the inherited "
203 "Description property.")]
204 string Descriptions[];
205 [Description (
206 "The name of an organization related to the group.")]
207 string OrganizationName[];
208 [Description (
209 karl 1.1 "The name of an organizational unit related to the group.")]
210 string OU[];
211 [Description (
212 "The Owner property specifies the name of some object that "
213 "has some responsibility for the group. In the case of an "
214 "LDAP-derived instance, a property value for Owner may be a "
215 "distinguishedName of owning persons, groups, roles, etc.")]
216 string Owner[];
217 [Description (
218 "In the case of an LDAP-derived instance, the See Also "
219 "property specifies distinguishedName of other Directory "
220 "objects which may be other aspects (in some sense) of the "
221 "same real world object.")]
222 string SeeAlso[];
223 };
224
225 // ==================================================================
226 // Role
227 // ==================================================================
228 [Description (
229 "The Role object class is used to represent a position or set of "
230 karl 1.1 "responsibilities within an organization, organizational unit or "
231 "system administration scope and is filled by a person or persons "
232 "(or non-human entities represented by ManagedSystemElement "
233 "subclasses) that may be explicitly or implicitly members of this "
234 "collection subclass. The class is defined so as to incorporate "
235 "commonly-used LDAP attributes to permit implementations to "
236 "easily derive this information from LDAP-accessible directories. "
237 "The members of a role are frequently called role occupants. "
238 "This class's properties are a subset of a related class, "
239 "OtherRoleInformation, which defines all the group properties "
240 "and in array form for directory compatibility. ")]
241 class CIM_Role : CIM_Collection
242 {
243 [Key, MaxLen (256), Description (
244 "CreationClassName indicates the name of the class or the "
245 "subclass used in the creation of an instance. When used "
246 "with the other key properties of this class, this property "
247 "allows all instances of this class and its subclasses to "
248 "be uniquely identified.")]
249 string CreationClassName;
250 [Key, MaxLen (1024),Description (
251 karl 1.1 "The Name property defines the label by which the object is "
252 "known. In the case of an LDAP-derived instance, the Name "
253 "property value may be set to the distinguishedName of the "
254 "LDAP-accessed object instance.")]
255 string Name;
256 [MaxLen (128), Description (
257 "This property may be used to describe the kind of business "
258 "activity performed by the members (role occupants) in the "
259 "position or set of responsibilities represented by the Role. "
260 )]
261 string BusinessCategory;
262 [Required, Description (
263 "A Common Name is a (possibly ambiguous) name by which the "
264 "role is commonly known in some limited scope (such as an "
265 "organization) and conforms to the naming conventions of the "
266 "country or culture with which it is associated.")]
267 string CommonName;
268 };
269
270 // ==================================================================
271 // OtherRoleInformation
272 karl 1.1 // ==================================================================
273 [Description (
274 "The OtherRoleInformation class is used to provide additional "
275 "information about an associated Role instance. This class is "
276 "defined so as to incorporate commonly-used LDAP attributes to "
277 "permit implementations to easily derive this information from "
278 "LDAP-accessible directories.") ]
279 class CIM_OtherRoleInformation : CIM_ManagedElement
280 {
281 [Key, MaxLen (256), Description (
282 "CreationClassName indicates the name of the class or the "
283 "subclass used in the creation of an instance. When used "
284 "with the other key properties of this class, this property "
285 "allows all instances of this class and its subclasses to "
286 "be uniquely identified.")]
287 string CreationClassName;
288 [Key, MaxLen (1024),Description (
289 "The Name property defines the label by which the object is "
290 "known. In the case of an LDAP-derived instance, the Name "
291 "property value may be set to the distinguishedName of the "
292 "LDAP-accessed object instance.")]
293 karl 1.1 string Name;
294 [Description (
295 "In the case of an LDAP-derived instance, the ObjectClass "
296 "property value(s) may be set to the objectClass attribute "
297 "values.")]
298 string ObjectClass[];
299 [MaxLen (128), Description (
300 "This property may be used to describe the kind of business "
301 "activity performed by the members (role occupants) in the "
302 "position or set of responsibilities represented by the Role. "
303 )]
304 string BusinessCategory[];
305 [Description (
306 "A Common Name is a (possibly ambiguous) name by which the "
307 "role is commonly known in some limited scope (such as an "
308 "organization) and conforms to the naming conventions of the "
309 "country or culture with which it is associated.")]
310 string CommonName[];
311 [MaxLen (1024), Description (
312 "The Descriptions property values may contain human-readable "
313 "descriptions of the object. In the case of an LDAP-derived "
314 karl 1.1 "instance, the description attribute may have multiple values "
315 "that, therefore, cannot be placed in the inherited "
316 "Description property.")]
317 string Descriptions[];
318 [MaxLen (128), Description (
319 "This property is used for the role occupants' telegram "
320 "service.")]
321 string DestinationIndicator[];
322 [Description (
323 "The role occupants' facsimile telephone number.")]
324 string FacsimileTelephoneNumber[];
325 [MaxLen (16), Description (
326 "The role occupants' International ISDN number.")]
327 string InternationaliSDNNumber[];
328 [Description (
329 "The name of an organizational unit related to the role.")]
330 string OU[];
331 [MaxLen (128), Description (
332 "The Physical Delivery Office Name property specifies the name "
333 "of the city, village, etc. where a physical delivery office "
334 "is situated.")]
335 karl 1.1 string PhysicalDeliveryOfficeName[];
336 [Description (
337 "The Postal Address property values specify the address "
338 "information required for the physical delivery of postal "
339 "messages by the postal authority to the role occupants.")]
340 string PostalAddress[];
341 [MaxLen (40), Description (
342 "The Postal Code property specifies the postal code for the "
343 "role occupants. If this value is present it will be part of "
344 "the object's postal address.")]
345 string PostalCode[];
346 [MaxLen (40), Description (
347 "The Post Office Box property specifies the Post Office Box "
348 "by which the role occupants will receive physical postal "
349 "delivery. If present, the property value is part of the "
350 "object's postal address.")]
351 string PostOfficeBox[];
352 [Description (
353 "The Preferred Delivery Method property specifies the "
354 "role occupants' preferred method to be used for contacting "
355 "them in their role.")]
356 karl 1.1 string PreferredDeliveryMethod;
357 [Description (
358 "This property specifies a postal address suitable for receipt "
359 "of telegrams or expedited documents, where it is necessary to "
360 "have the recipient accept delivery.")]
361 string RegisteredAddress[];
362 [Description (
363 "In the case of an LDAP-derived instance, the See Also "
364 "property specifies distinguishedName of other Directory "
365 "objects which may be other aspects (in some sense) of the "
366 "same real world object.")]
367 string SeeAlso[];
368 [Description (
369 "The State or Province Name property specifies a state or "
370 "province." )]
371 string StateOrProvince[];
372 [MaxLen (128), Description (
373 "The Street Address property specifies a site for the local "
374 "distribution and physical delivery in a postal address, i.e. "
375 "the street name, place, avenue, and the number." )]
376 string Street[];
377 karl 1.1 [MaxLen (32), Description (
378 "The Telephone Number property specifies a telephone number of "
379 "the role occupants, e.g. + 44 582 10101)." )]
380 string TelephoneNumber[];
381 [Description (
382 "The Teletex Terminal Identifier property specifies the "
383 "Teletex terminal identifier (and, optionally, parameters) for "
384 "a teletex terminal associated with the role occupants." )]
385 string TeletexTerminalIdentifier[];
386 [Description (
387 "The Telex Number property specifies the telex number, country "
388 "code, and answerback code of a telex terminal for the "
389 "role occupants." )]
390 string TelexNumber[];
391 [MaxLen (15), Description (
392 "An X.121 address for the role occupants.")]
393 string X121Address[];
394 };
395
396 // ==================================================================
397 // OrganizationalEntity
398 karl 1.1 // ==================================================================
399 [Abstract, Description (
400 "OrganizationalEntity is an abstract class from which classes "
401 "that fit into an organizational structure are derived.") ]
402 class CIM_OrganizationalEntity : CIM_ManagedElement
403 {
404 };
405
406 // ==================================================================
407 // Organization
408 // ==================================================================
409 [Description (
410 "The Organization class is used to represent an organization such "
411 "as a corporation or other autonomous entity. The class is "
412 "defined so as to incorporate commonly-used LDAP attributes to "
413 "permit implementations to easily derive this information from "
414 "LDAP-accessible directories. This class's properties are a "
415 "subset of a related class, OtherOrganizationInformation, which "
416 "defines all the group properties and in array form for "
417 "directory compatibility.") ]
418 class CIM_Organization : CIM_OrganizationalEntity
419 karl 1.1 {
420 [Key, MaxLen (256), Description (
421 "CreationClassName indicates the name of the class or the "
422 "subclass used in the creation of an instance. When used "
423 "with the other key properties of this class, this property "
424 "allows all instances of this class and its subclasses to "
425 "be uniquely identified.")]
426 string CreationClassName;
427 [Key, MaxLen (1024),Description (
428 "The Name property defines the label by which the object is "
429 "known. In the case of an LDAP-derived instance, the Name "
430 "property value may be set to the distinguishedName of the "
431 "LDAP-accessed object instance.")]
432 string Name;
433 [MaxLen (128), Description (
434 "This property describes the kind of business performed by an "
435 "organization.")]
436 string BusinessCategory;
437 [Description (
438 "The organization's facsimile telephone number.")]
439 string FacsimileTelephoneNumber;
440 karl 1.1 [Description (
441 "This property contains the name of a locality, such as a "
442 "city, county or other geographic region.")]
443 string LocalityName;
444 [Description (
445 "Based on RFC1274, the mail box addresses for the organization "
446 "as defined in RFC822.")]
447 string Mail;
448 [Required, Description (
449 "The name of the organization.")]
450 string OrganizationName;
451 [Description (
452 "The Postal Address property values specify the address "
453 "information required for the physical delivery of postal "
454 "messages by the postal authority to the organization.")]
455 string PostalAddress[];
456 [MaxLen (40), Description (
457 "The Postal Code property specifies the postal code of the "
458 "organization. If this value is present it will be part of "
459 "the object's postal address.")]
460 string PostalCode;
461 karl 1.1 [Description (
462 "The State or Province Name property specifies a state or "
463 "province." )]
464 string StateOrProvince;
465 [MaxLen (32), Description (
466 "The Telephone Number property specifies a telephone number of "
467 "the organization, e.g. + 44 582 10101)." )]
468 string TelephoneNumber;
469 };
470
471 // ==================================================================
472 // OtherOrganizationInformation
473 // ==================================================================
474 [Description (
475 "The OtherOrganizationInformation class is used to provide "
476 "additional information about an associated Organization instance. "
477 "This class is defined so as to incorporate commonly-used LDAP "
478 "attributes to permit implementations to easily derive this "
479 "information from LDAP-accessible directories.") ]
480 class CIM_OtherOrganizationInformation : CIM_ManagedElement
481 {
482 karl 1.1 [Key, MaxLen (256), Description (
483 "CreationClassName indicates the name of the class or the "
484 "subclass used in the creation of an instance. When used "
485 "with the other key properties of this class, this property "
486 "allows all instances of this class and its subclasses to "
487 "be uniquely identified.")]
488 string CreationClassName;
489 [Key, MaxLen (1024),Description (
490 "The Name property defines the label by which the object is "
491 "known. In the case of an LDAP-derived instance, the Name "
492 "property value may be set to the distinguishedName of the "
493 "LDAP-accessed object instance.")]
494 string Name;
495 [Description (
496 "In the case of an LDAP-derived instance, the ObjectClass "
497 "property value(s) may be set to the objectClass attribute "
498 "values.")]
499 string ObjectClass[];
500 [MaxLen (128), Description (
501 "This property describes the kind of business performed by an "
502 "organization.")]
503 karl 1.1 string BusinessCategory[];
504 [MaxLen (1024), Description (
505 "The Descriptions property values may contain human-readable "
506 "descriptions of the object. In the case of an LDAP-derived "
507 "instance, the description attribute may have multiple values "
508 "that, therefore, cannot be placed in the inherited "
509 "Description property.")]
510 string Descriptions[];
511 [MaxLen (128), Description (
512 "This property is used for the organization's telegram "
513 "service.")]
514 string DestinationIndicator[];
515 [Description (
516 "The organization's facsimile telephone number.")]
517 string FacsimileTelephoneNumber[];
518 [MaxLen (16), Description (
519 "The organization's International ISDN number.")]
520 string InternationaliSDNNumber[];
521 [Description (
522 "Uniform Resource Identifier with optional label as defined in "
523 "RFC2079.")]
524 karl 1.1 string LabeledURI[];
525 [Description (
526 "This property contains the name of a locality, such as a "
527 "city, county or other geographic region.")]
528 string LocalityName[];
529 [Description (
530 "Based on RFC1274, the mail box addresses for the organization "
531 "as defined in RFC822.")]
532 string Mail[];
533 [Description (
534 "The manager for the organization. In the case of an "
535 "LDAP-derived instance, the Manager property value may contain "
536 "the distinguishedName of the Manager.")]
537 string Manager[];
538 [Description (
539 "The name of the organization.")]
540 string OrganizationName[];
541 [Description (
542 "Based on RFC1274, this property may be used for electronic "
543 "mail box addresses other than RFC822 and X.400.")]
544 string OtherMailbox[];
545 karl 1.1 [MaxLen (128), Description (
546 "The Physical Delivery Office Name property specifies the name "
547 "of the city, village, etc. where a physical delivery office "
548 "is situated.")]
549 string PhysicalDeliveryOfficeName[];
550 [Description (
551 "The Postal Address property values specify the address "
552 "information required for the physical delivery of postal "
553 "messages by the postal authority to the organization.")]
554 string PostalAddress[];
555 [MaxLen (40), Description (
556 "The Postal Code property specifies the postal code of the "
557 "organization. If this value is present it will be part of "
558 "the object's postal address.")]
559 string PostalCode[];
560 [MaxLen (40), Description (
561 "The Post Office Box property specifies the Post Office Box "
562 "by which the organization will receive physical postal "
563 "delivery. If present, the property value is part of the "
564 "object's postal address.")]
565 string PostOfficeBox[];
566 karl 1.1 [Description (
567 "The Preferred Delivery Method property specifies the "
568 "organization's preferred method to be used for communicating "
569 "with it.")]
570 string PreferredDeliveryMethod;
571 [Description (
572 "This property specifies a postal address suitable for receipt "
573 "of telegrams or expedited documents, where it is necessary to "
574 "have the recipient accept delivery.")]
575 string RegisteredAddress[];
576 [Description (
577 "This property value is for use by X.500 clients in "
578 "constructing search filters.")]
579 string SearchGuide[];
580 [Description (
581 "In the case of an LDAP-derived instance, the See Also "
582 "property specifies distinguishedName of other Directory "
583 "objects which may be other aspects (in some sense) of the "
584 "same real world object.")]
585 string SeeAlso[];
586 [Description (
587 karl 1.1 "The State or Province Name property specifies a state or "
588 "province." )]
589 string StateOrProvince[];
590 [MaxLen (128), Description (
591 "The Street Address property specifies a site for the local "
592 "distribution and physical delivery in a postal address, i.e. "
593 "the street name, place, avenue, and the number." )]
594 string Street[];
595 [MaxLen (32), Description (
596 "The Telephone Number property specifies a telephone number of "
597 "the organization, e.g. + 44 582 10101)." )]
598 string TelephoneNumber[];
599 [Description (
600 "The Teletex Terminal Identifier property specifies the "
601 "Teletex terminal identifier (and, optionally, parameters) for "
602 "a teletex terminal associated with the organization." )]
603 string TeletexTerminalIdentifier[];
604 [Description (
605 "The Telex Number property specifies the telex number, country "
606 "code, and answerback code of a telex terminal for the "
607 "organization." )]
608 karl 1.1 string TelexNumber[];
609 [Octetstring, Description (
610 "An image of the organization logo")]
611 string ThumbnailLogo[];
612 [Description (
613 "A unique identifier that may be assigned in an environment to "
614 "differentiate between uses of a given named organization "
615 "instance.")]
616 string UniqueIdentifier[];
617 [Octetstring, Description (
618 "In the case of an LDAP-derived instance, the UserPassword "
619 "property may contain an encrypted password used to access "
620 "the organization's resources in a directory." )]
621 string UserPassword[];
622 [MaxLen (15), Description (
623 "An X.121 address for the organization.")]
624 string X121Address[];
625 };
626
627 // ==================================================================
628 // OrgUnit
629 karl 1.1 // ==================================================================
630 [Description (
631 "The OrgUnit class is used to represent a sub-unit of an "
632 "organization such a division or department. The class is "
633 "defined so as to incorporate commonly-used LDAP attributes to "
634 "permit implementations to easily derive this information from "
635 "LDAP-accessible directories. This class's properties are a "
636 "subset of a related class, OtherOrgUnitInformation, which "
637 "defines all the group properties and in array form for "
638 "directory compatibility. ") ]
639 class CIM_OrgUnit : CIM_OrganizationalEntity
640 {
641 [Key, MaxLen (256), Description (
642 "CreationClassName indicates the name of the class or the "
643 "subclass used in the creation of an instance. When used "
644 "with the other key properties of this class, this property "
645 "allows all instances of this class and its subclasses to "
646 "be uniquely identified.")]
647 string CreationClassName;
648 [Key, MaxLen (1024),Description (
649 "The Name property defines the label by which the object is "
650 karl 1.1 "known. In the case of an LDAP-derived instance, the Name "
651 "property value may be set to the distinguishedName of the "
652 "LDAP-accessed object instance.")]
653 string Name;
654 [MaxLen (128), Description (
655 "This property describes the kind of business performed by an "
656 "organizational unit.")]
657 string BusinessCategory;
658 [Description (
659 "The organizational unit's facsimile telephone number.")]
660 string FacsimileTelephoneNumber;
661 [Description (
662 "This property contains the name of a locality, such as a "
663 "city, county or other geographic region.")]
664 string LocalityName;
665 [Required, Description (
666 "The name of the organizational unit.")]
667 string OU;
668 [Description (
669 "The Postal Address property values specify the address "
670 "information required for the physical delivery of postal "
671 karl 1.1 "messages by the postal authority to the organizational unit."
672 )]
673 string PostalAddress[];
674 [MaxLen (40), Description (
675 "The Postal Code property specifies the postal code of the "
676 "organizational unit. If this value is present it will be "
677 "part of the object's postal address.")]
678 string PostalCode;
679 [Description (
680 "The State or Province Name property specifies a state or "
681 "province." )]
682 string StateOrProvince;
683 [MaxLen (32), Description (
684 "The Telephone Number property specifies a telephone number of "
685 "the organizational unit, e.g. + 44 582 10101)." )]
686 string TelephoneNumber;
687 };
688
689 // ==================================================================
690 // OtherOrgUnitInformation
691 // ==================================================================
692 karl 1.1 [Description (
693 "The OtherOrgUnitInformation class is used to provide "
694 "additional information about an associated OrgUnit instance. "
695 "This class is defined so as to incorporate commonly-used LDAP "
696 "attributes to permit implementations to easily derive this "
697 "information from LDAP-accessible directories.") ]
698 class CIM_OtherOrgUnitInformation : CIM_ManagedElement
699 {
700 [Key, MaxLen (256), Description (
701 "CreationClassName indicates the name of the class or the "
702 "subclass used in the creation of an instance. When used "
703 "with the other key properties of this class, this property "
704 "allows all instances of this class and its subclasses to "
705 "be uniquely identified.")]
706 string CreationClassName;
707 [Key, MaxLen (1024),Description (
708 "The Name property defines the label by which the object is "
709 "known. In the case of an LDAP-derived instance, the Name "
710 "property value may be set to the distinguishedName of the "
711 "LDAP-accessed object instance.")]
712 string Name;
713 karl 1.1 [Description (
714 "In the case of an LDAP-derived instance, the ObjectClass "
715 "property value(s) may be set to the objectClass attribute "
716 "values.")]
717 string ObjectClass[];
718 [MaxLen (128), Description (
719 "This property describes the kind of business performed by an "
720 "organizational unit.")]
721 string BusinessCategory[];
722 [MaxLen (1024), Description (
723 "The Descriptions property values may contain human-readable "
724 "descriptions of the object. In the case of an LDAP-derived "
725 "instance, the description attribute may have multiple values "
726 "that, therefore, cannot be placed in the inherited "
727 "Description property.")]
728 string Descriptions[];
729 [MaxLen (128), Description (
730 "This property is used for the organizational unit's telegram "
731 "service.")]
732 string DestinationIndicator[];
733 [Description (
734 karl 1.1 "The organizational unit's facsimile telephone number.")]
735 string FacsimileTelephoneNumber[];
736 [MaxLen (16), Description (
737 "The organizational unit's International ISDN number.")]
738 string InternationaliSDNNumber[];
739 [Description (
740 "This property contains the name of a locality, such as a "
741 "city, county or other geographic region.")]
742 string LocalityName[];
743 [Description (
744 "The name of the organizational unit.")]
745 string OU[];
746 [MaxLen (128), Description (
747 "The Physical Delivery Office Name property specifies the name "
748 "of the city, village, etc. where a physical delivery office "
749 "is situated.")]
750 string PhysicalDeliveryOfficeName[];
751 [Description (
752 "The Postal Address property values specify the address "
753 "information required for the physical delivery of postal "
754 "messages by the postal authority to the organizational unit."
755 karl 1.1 )]
756 string PostalAddress[];
757 [MaxLen (40), Description (
758 "The Postal Code property specifies the postal code of the "
759 "organizational unit. If this value is present it will be "
760 "part of the object's postal address.")]
761 string PostalCode[];
762 [MaxLen (40), Description (
763 "The Post Office Box property specifies the Post Office Box "
764 "by which the organizational unit will receive physical "
765 "postal delivery. If present, the property value is part of "
766 "the object's postal address.")]
767 string PostOfficeBox[];
768 [Description (
769 "The Preferred Delivery Method property specifies the "
770 "organizational unit's preferred method to be used for "
771 "communicating with it.")]
772 string PreferredDeliveryMethod;
773 [Description (
774 "This property value is for use by X.500 clients in "
775 "constructing search filters.")]
776 karl 1.1 string SearchGuide[];
777 [Description (
778 "In the case of an LDAP-derived instance, the See Also "
779 "property specifies distinguishedName of other Directory "
780 "objects which may be other aspects (in some sense) of the "
781 "same real world object.")]
782 string SeeAlso[];
783 [Description (
784 "The State or Province Name property specifies a state or "
785 "province." )]
786 string StateOrProvince[];
787 [MaxLen (128), Description (
788 "The Street Address property specifies a site for the local "
789 "distribution and physical delivery in a postal address, i.e. "
790 "the street name, place, avenue, and the number." )]
791 string Street[];
792 [MaxLen (32), Description (
793 "The Telephone Number property specifies a telephone number of "
794 "the organizational unit, e.g. + 44 582 10101)." )]
795 string TelephoneNumber[];
796 [Description (
797 karl 1.1 "The Teletex Terminal Identifier property specifies the "
798 "Teletex terminal identifier (and, optionally, parameters) for "
799 "a teletex terminal associated with the organizational unit."
800 )]
801 string TeletexTerminalIdentifier[];
802 [Description (
803 "The Telex Number property specifies the telex number, country "
804 "code, and answerback code of a telex terminal for the "
805 "organization." )]
806 string TelexNumber[];
807 [Octetstring, Description (
808 "In the case of an LDAP-derived instance, the UserPassword "
809 "property may contain an encrypted password used to access "
810 "the organizational unit's resources in a directory." )]
811 string UserPassword[];
812 [MaxLen (15), Description (
813 "An X.121 address for the organization.")]
814 string X121Address[];
815 };
816
817 // ==================================================================
818 karl 1.1 // UserEntity
819 // ==================================================================
820 [Abstract, Description (
821 "UserEntity is an abstract class that represents users.") ]
822 class CIM_UserEntity : CIM_OrganizationalEntity
823 {
824 };
825
826 // ==================================================================
827 // Person
828 // ==================================================================
829 [Description (
830 "The Person object class is used to represent people. The class "
831 "is defined so as to incorporate commonly-used LDAP attributes to "
832 "permit implementations to easily derive this information from "
833 "LDAP-accessible directories. This class's properties are a "
834 "subset of a related class, OtherPersonInformation, which "
835 "defines all the group properties and in array form for "
836 "directory compatibility. ") ]
837 class CIM_Person : CIM_UserEntity
838 {
839 karl 1.1 [Key, MaxLen (256), Description (
840 "CreationClassName indicates the name of the class or the "
841 "subclass used in the creation of an instance. When used "
842 "with the other key properties of this class, this property "
843 "allows all instances of this class and its subclasses to "
844 "be uniquely identified.")]
845 string CreationClassName;
846 [Key, MaxLen (1024),Description (
847 "The Name property defines the label by which the object is "
848 "known. In the case of an LDAP-derived instance, the Name "
849 "property value may be set to the distinguishedName of the "
850 "LDAP-accessed object instance.")]
851 string Name;
852 [MaxLen (128), Description (
853 "This property describes the kind of business performed by an "
854 "organization.")]
855 string BusinessCategory;
856 [Required, Description (
857 "A Common Name is a (possibly ambiguous) name by which the "
858 "role is commonly known in some limited scope (such as an "
859 "organization) and conforms to the naming conventions of the "
860 karl 1.1 "country or culture with which it is associated.")]
861 string CommonName;
862 [Description (
863 "Based on inetPrgPerson, the Employee Number property "
864 "specifies a numeric or an alphanumeric identifier assigned to "
865 "a person.")]
866 string EmployeeNumber;
867 [Description (
868 "Based on inetOrgPerson, the Employee Type property is used to "
869 "identify the employer to employee relationship. Typical "
870 "values used may include 'Contractor', 'Employee', 'Intern', "
871 "'Temp', 'External', and 'Unknown' but any value may be used."
872 )]
873 string EmployeeType;
874 [Description (
875 "The person's facsimile telephone number.")]
876 string FacsimileTelephoneNumber;
877 [MaxLen (32), Description (
878 "Based on RFC1274, the Home Phone property specifies a home "
879 "telephone number for the person, e.g. + 44 582 10101)." )]
880 string HomePhone;
881 karl 1.1 [Description (
882 "The Home Postal Address property values specify the home "
883 "address information required for the physical delivery of "
884 "postal messages by the postal authority.")]
885 string HomePostalAddress[];
886 [Description (
887 "From inetOrgPerson, the JPEG Phto property values may be used "
888 "for one or more images of a person using the JPEG File "
889 "Interchange Format.")]
890 string JPEGPhoto;
891 [Description (
892 "This property contains the name of a locality, such as a "
893 "city, county or other geographic region.")]
894 string LocalityName;
895 [Description (
896 "Based on RFC1274, the mail box addresses for the person "
897 "as defined in RFC822.")]
898 string Mail;
899 [Description (
900 "The person's manager within the organization. In the case of "
901 "an LDAP-derived instance, the Manager property value may "
902 karl 1.1 "contain the distinguishedName of the Manager.")]
903 string Manager;
904 [MaxLen (32), Description (
905 "Based on RFC1274, the Mobile Phone property specifies a "
906 "mobile telephone number for the person, e.g. + 44 582 10101)."
907 )]
908 string Mobile;
909 [Description (
910 "The name of an organizational unit related to the person.")]
911 string OU;
912 [MaxLen (32), Description (
913 "Based on RFC1274, the Pager property specifies a pager "
914 "telephone number for the person, e.g. + 44 582 10101).")]
915 string Pager;
916 [Description (
917 "The Postal Address property values specify the address "
918 "information required for the physical delivery of postal "
919 "messages by the postal authority to the person.")]
920 string PostalAddress[];
921 [MaxLen (40), Description (
922 "The Postal Code property specifies the postal code of the "
923 karl 1.1 "organization. If this value is present it will be part of "
924 "the object's postal address.")]
925 string PostalCode;
926 [Description (
927 "Based on inetOrgPerson, the person's preferred written or "
928 "spoken language.")]
929 string PreferredLanguage;
930 [Description (
931 "Based on RFC1274, the Secretary property may be used to "
932 "specify a secretary for the person. In the case of an "
933 "LDAP-derived object instance, the value may be a "
934 "distinguishedName.")]
935 string Secretary;
936 [Description (
937 "The State or Province Name property specifies a state or "
938 "province." )]
939 string StateOrProvince;
940 [Required, Description (
941 "The Surname property specifies the linguistic construct that "
942 "normally is inherited by an individual from the individual's "
943 "parent or assumed by marriage, and by which the individual is "
944 karl 1.1 "commonly known.")]
945 string Surname;
946 [MaxLen (32), Description (
947 "The Telephone Number property specifies a telephone number of "
948 "the organization, e.g. + 44 582 10101)." )]
949 string TelephoneNumber;
950 [Description (
951 "The Title property may be used to specify the person's "
952 "designated position or function of the object within an "
953 "organization, e.g., Manager, Vice-President, etc.")]
954 string Title;
955 };
956
957 // ==================================================================
958 // OtherPersonInformation
959 // ==================================================================
960 [Description (
961 "The OtherPersonInformation class is used to provide "
962 "additional information about an associated Person instance. "
963 "This class is defined so as to incorporate commonly-used LDAP "
964 "attributes to permit implementations to easily derive this "
965 karl 1.1 "information from LDAP-accessible directories.") ]
966 class CIM_OtherPersonInformation : CIM_UserEntity
967 {
968 [Key, MaxLen (256), Description (
969 "CreationClassName indicates the name of the class or the "
970 "subclass used in the creation of an instance. When used "
971 "with the other key properties of this class, this property "
972 "allows all instances of this class and its subclasses to "
973 "be uniquely identified.")]
974 string CreationClassName;
975 [Key, MaxLen (1024),Description (
976 "The Name property defines the label by which the object is "
977 "known. In the case of an LDAP-derived instance, the Name "
978 "property value may be set to the distinguishedName of the "
979 "LDAP-accessed object instance.")]
980 string Name;
981 [Description (
982 "In the case of an LDAP-derived instance, the ObjectClass "
983 "property value(s) may be set to the objectClass attribute "
984 "values.")]
985 string ObjectClass[];
986 karl 1.1 [Octetstring, Description (
987 "The Audio property may be used to store an audio clip of the "
988 "person.")]
989 string Audio[];
990 [MaxLen (128), Description (
991 "This property describes the kind of business performed by an "
992 "organization.")]
993 string BusinessCategory[];
994 [MaxLen (128), Description (
995 "The Car License property is used to record the values of the "
996 "vehicle license or registration plate associated with an "
997 "individual.")]
998 string CarLicense[];
999 [Description (
1000 "A Common Name is a (possibly ambiguous) name by which the "
1001 "role is commonly known in some limited scope (such as an "
1002 "organization) and conforms to the naming conventions of the "
1003 "country or culture with which it is associated.")]
1004 string CommonName[];
1005 [Description (
1006 "The Country Name property specifies a country as defined in "
1007 karl 1.1 "ISO 3166.")]
1008 string CountryName[];
1009 [Description (
1010 "Based on inetOrgPerson, the Department Number is a code for "
1011 "department to which a person belongs. This can be strictly "
1012 "numeric (e.g., 1234) or alphanumeric (e.g., ABC/123).")]
1013 string DepartmentNumber[];
1014 [MaxLen (1024), Description (
1015 "The Descriptions property values may contain human-readable "
1016 "descriptions of the object. In the case of an LDAP-derived "
1017 "instance, the description attribute may have multiple values "
1018 "that, therefore, cannot be placed in the inherited "
1019 "Description property.")]
1020 string Descriptions[];
1021 [MaxLen (128), Description (
1022 "This property is used for the organization's telegram "
1023 "service.")]
1024 string DestinationIndicator[];
1025 [Description (
1026 "Based on inetOrgPerson, the Display Name property values are "
1027 "used when displaying an entry.")]
1028 karl 1.1 string DisplayName[];
1029 [Description (
1030 "Based on inetPrgPerson, the Employee Number property "
1031 "specifies a numeric or an alphanumeric identifier assigned to "
1032 "a person.")]
1033 string EmployeeNumber;
1034 [Description (
1035 "Based on inetOrgPerson, the Employee Type property is used to "
1036 "identify the employer to employee relationship. Typical "
1037 "values used may include 'Contractor', 'Employee', 'Intern', "
1038 "'Temp', 'External', and 'Unknown' but any value may be used."
1039 )]
1040 string EmployeeType[];
1041 [Description (
1042 "The person's facsimile telephone number.")]
1043 string FacsimileTelephoneNumber[];
1044 [Description (
1045 "Based on liPerson, the GenerationQualifier property specifies "
1046 "a name qualifier that represents the person's generation "
1047 "(e.g., JR., III, etc.).")]
1048 string GenerationQualifier[];
1049 karl 1.1 [Description (
1050 "The Given Name property is used for the part of a person's "
1051 "name that is not their surname nor their middle name.")]
1052 string GivenName[];
1053 [Description (
1054 "Based on liPerson, the Home Fax property specifies the "
1055 "person's facsimile telephone number at home.")]
1056 string HomeFax[];
1057 [MaxLen (32), Description (
1058 "Based on RFC1274, the Home Phone property specifies a home "
1059 "telephone number for the person, e.g. + 44 582 10101)." )]
1060 string HomePhone[];
1061 [Description (
1062 "The Home Postal Address property values specify the home "
1063 "address information required for the physical delivery of "
1064 "postal messages by the postal authority.")]
1065 string HomePostalAddress[];
1066 [Description (
1067 "Based on inetOrgPerson, the Initials property specifies the "
1068 "first letters of the person's name, typically the property "
1069 "values will exclude the first letter of the surname.")]
1070 karl 1.1 string Initials[];
1071 [MaxLen (16), Description (
1072 "The person's International ISDN number.")]
1073 string InternationaliSDNNumber[];
1074 [Description (
1075 "From inetOrgPerson, the JPEG Phto property values may be used "
1076 "for one or more images of a person using the JPEG File "
1077 "Interchange Format.")]
1078 string JPEGPhoto[];
1079 [Description (
1080 "Uniform Resource Identifier with optional label as defined in "
1081 "RFC2079.")]
1082 string LabeledURI[];
1083 [Description (
1084 "This property contains the name of a locality, such as a "
1085 "city, county or other geographic region.")]
1086 string LocalityName[];
1087 [Description (
1088 "Based on RFC1274, the mail box addresses for the person "
1089 "as defined in RFC822.")]
1090 string Mail[];
1091 karl 1.1 [Description (
1092 "The person's manager within the organization. In the case of "
1093 "an LDAP-derived instance, the Manager property value may "
1094 "contain the distinguishedName of the Manager.")]
1095 string Manager[];
1096 [Description (
1097 "Based on liPerson, the middle name of the person.")]
1098 string MiddleName[];
1099 [MaxLen (32), Description (
1100 "Based on RFC1274, the Mobile Phone property specifies a "
1101 "mobile telephone number for the person, e.g. + 44 582 10101)."
1102 )]
1103 string Mobile[];
1104 [Required, Description (
1105 "The name of the person's organization.")]
1106 string OrganizationName[];
1107 [Description (
1108 "Based on RFC1274, the OrganizationalStatus property specifies "
1109 "a category by which a person is often referred to within an "
1110 "organization. Examples of usage in academia might include "
1111 "undergraduate student, researcher, lecturer, etc.")]
1112 karl 1.1 string OrganizationalStatus[];
1113 [Description (
1114 "Based on RFC1274, this property may be used for electronic "
1115 "mail box addresses other than RFC822 and X.400.")]
1116 string OtherMailbox[];
1117 [Description (
1118 "The name of an organizational unit related to the person.")]
1119 string OU[];
1120 [MaxLen (32), Description (
1121 "Based on RFC1274, the Pager property specifies a pager "
1122 "telephone number for the person, e.g. + 44 582 10101).")]
1123 string Pager[];
1124 [Description (
1125 "Based on liPerson, the PersonalTitle property may be used to "
1126 "specify the person's personal title such as Mr., Ms., Dr., "
1127 "Prof. etc.")]
1128 string PersonalTitle[];
1129 [Octetstring, Description (
1130 "Based on RFC1274, the Photo property may be used to specify a "
1131 "photograph for the person encoded in G3 fax as explained in "
1132 "recommendation T.4, with an ASN.1 wrapper to make it "
1133 karl 1.1 "compatible with an X.400 BodyPart as defined in X.420.")]
1134 string Photo[];
1135 [MaxLen (128), Description (
1136 "The Physical Delivery Office Name property specifies the name "
1137 "of the city, village, etc. where a physical delivery office "
1138 "is situated.")]
1139 string PhysicalDeliveryOfficeName[];
1140 [Description (
1141 "The Postal Address property values specify the address "
1142 "information required for the physical delivery of postal "
1143 "messages by the postal authority to the person.")]
1144 string PostalAddress[];
1145 [MaxLen (40), Description (
1146 "The Postal Code property specifies the postal code of the "
1147 "organization. If this value is present it will be part of "
1148 "the object's postal address.")]
1149 string PostalCode[];
1150 [MaxLen (40), Description (
1151 "The Post Office Box property specifies the Post Office Box "
1152 "by which the person will receive physical postal delivery. "
1153 "If present, the property value is part of the object's postal "
1154 karl 1.1 "address.")]
1155 string PostOfficeBox[];
1156 [Description (
1157 "The Preferred Delivery Method property specifies the "
1158 "preferred method to be used for contacting the person.")]
1159 string PreferredDeliveryMethod;
1160 [Description (
1161 "Based on inetOrgPerson, the person's preferred written or "
1162 "spoken language.")]
1163 string PreferredLanguage;
1164 [Description (
1165 "This property specifies a postal address suitable for receipt "
1166 "of telegrams or expedited documents, where it is necessary to "
1167 "have the recipient accept delivery.")]
1168 string RegisteredAddress[];
1169 [Description (
1170 "Based on RFC1274, the Room Number property specifies the room "
1171 "number for the person.")]
1172 string RoomNumber[];
1173 [Description (
1174 "Based on RFC1274, the Secretary property may be used to "
1175 karl 1.1 "specify a secretary for the person. In the case of an "
1176 "LDAP-derived object instance, the value may be a "
1177 "distinguishedName.")]
1178 string Secretary[];
1179 [Description (
1180 "In the case of an LDAP-derived instance, the See Also "
1181 "property specifies distinguishedName of other Directory "
1182 "objects which may be other aspects (in some sense) of the "
1183 "same real world object.")]
1184 string SeeAlso[];
1185 [Description (
1186 "The State or Province Name property specifies a state or "
1187 "province." )]
1188 string StateOrProvince[];
1189 [MaxLen (128), Description (
1190 "The Street Address property specifies a site for the local "
1191 "distribution and physical delivery in a postal address, i.e. "
1192 "the street name, place, avenue, and the number." )]
1193 string Street[];
1194 [Description (
1195 "The Surname property specifies the linguistic construct that "
1196 karl 1.1 "normally is inherited by an individual from the individual's "
1197 "parent or assumed by marriage, and by which the individual is "
1198 "commonly known.")]
1199 string Surname[];
1200 [MaxLen (32), Description (
1201 "The Telephone Number property specifies a telephone number of "
1202 "the organization, e.g. + 44 582 10101)." )]
1203 string TelephoneNumber[];
1204 [Description (
1205 "The Teletex Terminal Identifier property specifies the "
1206 "Teletex terminal identifier (and, optionally, parameters) for "
1207 "a teletex terminal associated with the organization." )]
1208 string TeletexTerminalIdentifier[];
1209 [Description (
1210 "The Telex Number property specifies the telex number, country "
1211 "code, and answerback code of a telex terminal for the "
1212 "organization." )]
1213 string TelexNumber[];
1214 [Octetstring, Description (
1215 "A small image of the person's organization logo")]
1216 string ThumbnailLogo[];
1217 karl 1.1 [Octetstring, Description (
1218 "A small image of the person.")]
1219 string ThumbnailPhoto[];
1220 [Description (
1221 "The Title property may be used to specify the person's "
1222 "designated position or function of the object within an "
1223 "organization, e.g., Manager, Vice-President, etc.")]
1224 string Title[];
1225 [Description (
1226 "Based on RFC1274, the UserID property may be used to specify "
1227 "a computer system login name.")]
1228 string UserID[];
1229 [Description (
1230 "A unique identifier that may be assigned in an environment to "
1231 "differentiate between uses of a given named person instance."
1232 )]
1233 string UniqueIdentifier[];
1234 [Octetstring, Description (
1235 "Based on inetOrgPerson and for directory compatibility, the "
1236 "User Certificate property may be used to specify a public key "
1237 "certificate for the person.")]
1238 karl 1.1 string UserCertificate[];
1239 [Octetstring, Description (
1240 "In the case of an LDAP-derived instance, the UserPassword "
1241 "property may contain an encrypted password used to access "
1242 "the person's resources in a directory." )]
1243 string UserPassword[];
1244 [Octetstring, Description (
1245 "Based on inetOrgPerson and for directory compatibility, the "
1246 "UserPKCS12 property value may be used to provides a format "
1247 "for exchange of personal identity information. The property "
1248 "values are PFX PDUs stored as Octetstrings.")]
1249 string UserPKCS12[];
1250 [Octetstring, Description (
1251 "Based on inetOrgPerson, the User S/MIME Certificate property "
1252 "may be used to specify the person's an S/MIME (RFC1847) "
1253 "signed message with a zero-length body. It contains the "
1254 "entire certificate chain and the signed attribute that "
1255 "describes their algorithm capabilities. If available, this "
1256 "property is preferred over the UserCertificate property for "
1257 "S/MIME applications.")]
1258 string UserSMIMECertificate[];
1259 karl 1.1 [MaxLen (15), Description (
1260 "An X.121 address for the organization.")]
1261 string X121Address[];
1262 [Octetstring, Description (
1263 "An X.500 specified unique identifier that may be assigned in "
1264 "an environment to differentiate between uses of a given named "
1265 "person object instance.")]
1266 string X500UniqueIdentifier[];
1267 };
1268
1269
1270 // ==================================================================
1271 // UsersAccess
1272 // ==================================================================
1273 [Description (
1274 "The UsersAccess object class is used to specify a system user "
1275 "that permitted access to system resources. The ManagedElement "
1276 "that has access to system resources (represented in the model in "
1277 "the ElementAsUser association) may be a person, a service, a "
1278 "service access point or any collection thereof. Whereas the "
1279 "Account class represents the user's relationship to a system "
1280 karl 1.1 "from the perspective of the security services of the system, the "
1281 "UserAccess class represents the relationships to the systems "
1282 "independent of a particular system or service.") ]
1283 class CIM_UsersAccess: CIM_UserEntity
1284 {
1285 [Key, MaxLen (256), Description (
1286 "CreationClassName indicates the name of the class or the "
1287 "subclass used in the creation of an instance. When used "
1288 "with the other key properties of this class, this property "
1289 "allows all instances of this class and its subclasses to "
1290 "be uniquely identified.")]
1291 string CreationClassName;
1292 [Key, MaxLen (256),Description (
1293 "The Name property defines the label by which the object is "
1294 "known.")]
1295 string Name;
1296 [Key, Description (
1297 "The ElementID property uniquely specifies the ManagedElement "
1298 "object instance that is the user represented by the "
1299 "UsersAccess object instance. The ElementID is formatted "
1300 "similarly to a model path except that the property-value "
1301 karl 1.1 "pairs are ordered in alphabetical order (US ASCII lexical "
1302 "order).")]
1303 string ElementID;
1304 [Description (
1305 "Biometric information used to identify a person. The "
1306 "property value is left null or set to 'N/A' for non-human "
1307 "user or a user not using biometric information for "
1308 "authentication."),
1309 Values { "N/A", "Other", "Facial", "Retina", "Mark", "Finger",
1310 "Voice", "DNA-RNA", "EEG"} ]
1311 uint16 Biometric[];
1312 };
1313
1314 // ==================================================================
1315 // Account
1316 // ==================================================================
1317 [Description (
1318 "CIM_Account is the information held by a SecurityService "
1319 "to track identity and privileges managed by that service. "
1320 "Common examples of an Account are the entries in a UNIX "
1321 "/etc/passwd file. Several kinds of security services use "
1322 karl 1.1 "various information from those entries - the /bin/login "
1323 "program uses the account name ('root') and hashed password "
1324 "to authenticate users, and the file service, for instance, "
1325 "uses the UserID field ('0') and GroupID field ('0') to "
1326 "record ownership and determine access control privileges "
1327 "on files in the file system. This class is defined so as "
1328 "to incorporate commonly-used LDAP attributes to permit "
1329 "implementations to easily derive this information from "
1330 "LDAP-accessible directories.") ]
1331 class CIM_Account:CIM_LogicalElement
1332 {
1333 [Propagated ("CIM_System.CreationClassName"), Key,
1334 MaxLen (256), Description ("Scoping System")]
1335 string SystemCreationClassName;
1336 [Propagated ("CIM_System.Name"), Key,
1337 MaxLen (256),Description ("Scoping System")]
1338 string SystemName;
1339 [Key, MaxLen (256), Description (
1340 "CreationClassName indicates the name of the class or the "
1341 "subclass used in the creation of an instance. When used "
1342 "with the other key properties of this class, this property "
1343 karl 1.1 "allows all instances of this class and its subclasses to "
1344 "be uniquely identified.")]
1345 string CreationClassName;
1346 [Key, Override("Name"), MaxLen (1024), Description (
1347 "The Name property defines the label by which the object is "
1348 "known. The value of this property may be set to be the same "
1349 "as that of the UserID property or, in the case of an "
1350 "LDAP-derived instance, the Name property value may be set to "
1351 "the distinguishedName of the LDAP-accessed object instance.")]
1352 string Name;
1353 [MaxLen (256), Description (
1354 "UserID is the value used by the SecurityService to "
1355 "represent identity. For an authentication service, the "
1356 "UserID may be the name of the user, or for an authorization "
1357 "service the value which serves as a handle to a mapping of "
1358 "the identity.") ]
1359 string UserID;
1360 [Description (
1361 "In the case of an LDAP-derived instance, the ObjectClass "
1362 "property value(s) may be set to the objectClass attribute "
1363 "values.")]
1364 karl 1.1 string ObjectClass[];
1365 [MaxLen (1024), Description (
1366 "The Descriptions property values may contain human-readable "
1367 "descriptions of the object. In the case of an LDAP-derived "
1368 "instance, the description attribute may have multiple values "
1369 "that, therefore, cannot be placed in the inherited "
1370 "Description property.")]
1371 string Descriptions[];
1372 [Description (
1373 "Based on RFC1274, the host name of the system(s) for which "
1374 "the account applies. The host name may be a fully-qualified "
1375 "DNS name or it may be an unqualified host name.")]
1376 string Host[];
1377 [Description (
1378 "This property contains the name of a locality, such as a "
1379 "city, county or other geographic region.")]
1380 string LocalityName[];
1381 [Required, Description (
1382 "The name of the organization related to the account.")]
1383 string OrganizationName[];
1384 [Description (
1385 karl 1.1 "The name of an organizational unit related to the account.")]
1386 string OU[];
1387 [Description (
1388 "In the case of an LDAP-derived instance, the See Also "
1389 "property specifies distinguishedName of other Directory "
1390 "objects which may be other aspects (in some sense) of the "
1391 "same real world object.")]
1392 string SeeAlso[];
1393 [Octetstring, Description (
1394 "Based on inetOrgPerson and for directory compatibility, the "
1395 "User Certificate property may be used to specify a public key "
1396 "certificate for the person.")]
1397 string UserCertificate[];
1398 [Octetstring, Description (
1399 "In the case of an LDAP-derived instance, the UserPassword "
1400 "property may contain an encrypted password used to access "
1401 "the person's resources in a directory." )]
1402 string UserPassword[];
1403 };
1404
1405
1406 karl 1.1 // ==================================================================
1407 // SecurityService
1408 // ==================================================================
1409 [ Abstract, Description (
1410 "CIM_SecurityService ...") ]
1411 class CIM_SecurityService:CIM_Service
1412 {
1413 };
1414
1415 // ==================================================================
1416 // AccountManagementService
1417 // ==================================================================
1418 [Description (
1419 "CIM_AccountManagementService creates, manages, and if necessary "
1420 "destroys Accounts on behalf of other SecuritySerices.") ]
1421 class CIM_AccountManagementService:CIM_SecurityService
1422 {
1423 };
1424
1425 // ==================================================================
1426 // AuthenticationService
1427 karl 1.1 // ==================================================================
1428 [Description (
1429 "CIM_AuthenticationService verifies users' identities through "
1430 "some means. These services are decomposed into a subclass that "
1431 "provides credentials to users and a subclass that provides for "
1432 "the verification of the validity of a credential and, perhaps, "
1433 "the appropriateness of its use for access to target resources. "
1434 "The persistent state information used from one such verification "
1435 "to another is maintained in an Account for that Users Access on "
1436 "that AuthenticationService.") ]
1437 class CIM_AuthenticationService:CIM_SecurityService
1438 {
1439 };
1440
1441 // ==================================================================
1442 // VerificationService
1443 // ==================================================================
1444 [Description (
1445 "CIM_VerificationService is the authentication service that "
1446 "verifies a credential for use and may also verify the "
1447 "appropriateness of a particular credential in conjunction with a "
1448 karl 1.1 "particular target resource.")]
1449 class CIM_VerificationService:CIM_AuthenticationService
1450 {
1451 };
1452
1453 // ==================================================================
1454 // CredentialManagementService
1455 // ==================================================================
1456 [Description (
1457 "CIM_CredentialManagementService issues credentials and manages "
1458 "the credential lifecycle.") ]
1459 class CIM_CredentialManagementService:CIM_AuthenticationService
1460 {
1461 };
1462
1463 // ==================================================================
1464 // CredentialManagementSAP
1465 // ==================================================================
1466 [Description (
1467 "CIM_CredentialManagementSAP represents the ability to "
1468 "utilize or invoke a CredentialManagementService.") ]
1469 karl 1.1 class CIM_CredentialManagementSAP:CIM_ServiceAccessPoint
1470 {
1471 [Description ("The URL for the access point.") ]
1472 string URL;
1473 };
1474
1475 // ==================================================================
1476 // CertificateAuthority
1477 // ==================================================================
1478 [Description ("A Certificate Authority (CA) is a credential "
1479 "management service that issues and cryptographically "
1480 "signs certificates thus acting as an trusted third-party "
1481 "intermediary in establishing trust relationships. The CA "
1482 "authenicates the holder of the private key related to the "
1483 "certificate's public key; the authenicated entity is "
1484 "represented by the UsersAccess class.") ]
1485 class CIM_CertificateAuthority:CIM_CredentialManagementService
1486 {
1487 [Description (
1488 "The CAPolicyStatement describes what care is taken by the "
1489 "CertificateAuthority when signing a new certificate. "
1490 karl 1.1 "The CAPolicyStatment may be a dot-delimited ASN.1 OID "
1491 "string which identifies to the formal policy statement.") ]
1492 string CAPolicyStatement;
1493 [Description ( "A CRL, or CertificateRevocationList, is a "
1494 "list of certificates which the CertificateAuthority has "
1495 "revoked and which are not yet expired. Revocation is "
1496 "necessary when the private key associated with the public "
1497 "key of a certificate is lost or compromised, or when the "
1498 "person for whom the certificate is signed no longer is "
1499 "entitled to use the certificate."), Octetstring ]
1500 string CRL[];
1501 [Description ("Certificate Revocation Lists may be "
1502 "available from a number of distribution points. "
1503 "CRLDistributionPoint array values provide URIs for those "
1504 "distribution points.")]
1505 string CRLDistributionPoint[];
1506 [Description ( "Certificates refer to their issuing CA by "
1507 "its Distinguished Name (as defined in X.501)."), DN]
1508 string CADistinguishedName;
1509 [Description ( "The frequency, expressed in hours, at which "
1510 "the CA will update its Certificate Revocation List. Zero "
1511 karl 1.1 "implies that the refresh frequency is unknown."),
1512 Units("Hours")]
1513 uint8 CRLRefreshFrequency;
1514 [Description ( "The maximum number of certificates in a "
1515 "certificate chain permitted for credentials issued by "
1516 "this certificate authority or it's subordinate CAs.\n"
1517 "The MaxChainLength of a superior CA in the trust "
1518 "hierarchy should be greater than this value and the "
1519 "MaxChainLength of a subordinate CA in the trust hierarchy "
1520 "should be less than this value.")]
1521 uint8 MaxChainLength;
1522 };
1523
1524
1525 // ==================================================================
1526 // KerberosKeyDistributionCenter
1527 // ==================================================================
1528 [Description (
1529 "CIM_KerberosKeyDistributionCenter ...") ]
1530 class CIM_KerberosKeyDistributionCenter:CIM_CredentialManagementService
1531 {
1532 karl 1.1 [Override ("Name"),
1533 Description ("The Realm served by this KDC.")]
1534 string Name;
1535 [Description ("The version of Kerberos supported by this "
1536 "service."),
1537 Values {"V4", "V5", "DCE", "MS"} ]
1538 uint16 Protocol[];
1539 };
1540
1541
1542 // ==================================================================
1543 // Notary
1544 // ==================================================================
1545 [Description (
1546 "CIM_Notary is an AuthenticationService (credential "
1547 "management service) which compares the "
1548 "biometric characteristics of a person with the "
1549 "known characteristics of an Users Access, and determines "
1550 "whether the person is the UsersAccess. An example is "
1551 "a bank teller who compares a picture ID with the person "
1552 "trying to cash a check, or a biometric login service that "
1553 karl 1.1 "uses voice recognition to identify a user.") ]
1554 class CIM_Notary:CIM_CredentialManagementService
1555 {
1556 [Description ( "The types of biometric information which "
1557 "this Notary can compare."),
1558 Values { "N/A", "Other", "Facial", "Retina", "Mark",
1559 "Finger", "Voice", "DNA-RNA", "EEG"} ]
1560 uint16 Comparitors;
1561 [Description (
1562 "The SealProtocol is how the decision of the Notary is "
1563 "recorded for future use by parties who will rely on its "
1564 "decision. For instance, a drivers licence frequently "
1565 "includes tamper-resistent coatings and markings to protect "
1566 "the recorded decision that a driver, having various "
1567 "biometric characteristics of height, weight, hair and eye "
1568 "color, using a particular name, has features represented in "
1569 "a photograph of their face.")]
1570 string SealProtocol;
1571 [Description (
1572 "CharterIssued documents when the Notary is first "
1573 "authorized, by whoever gave it responsibility, to perform "
1574 karl 1.1 "its service.")]
1575 datetime CharterIssued;
1576 [Description (
1577 "CharterExpired documents when the Notary is no longer "
1578 "authorized, by whoever gave it responsibility, to perform "
1579 "its service.")]
1580 datetime CharterExpired;
1581 };
1582
1583
1584 // ==================================================================
1585 // LocalCredentialManagementService
1586 // ==================================================================
1587 [Description (
1588 "CIM_LocalCredentialManagementService is a credential "
1589 "management service that provides local system "
1590 "management of credentials used by the local system.") ]
1591 class CIM_LocalCredentialManagementService:CIM_CredentialManagementService
1592 {
1593 };
1594
1595 karl 1.1 // ==================================================================
1596 // SharedSecretService
1597 // ==================================================================
1598 [Description (
1599 "CIM_SharedSecretService is a service which ascertains "
1600 "whether messages received are from the Principal with "
1601 "whom a secret is shared. Examples include a login "
1602 "service that proves identity on the basis of knowledge of "
1603 "the shared secret, or a transport integrity service (like "
1604 "Kerberos provides) that includes a message authenticity "
1605 "code that proves each message in the messsage stream came "
1606 "from someone who knows the shared secret session key.")]
1607 class CIM_SharedSecretService:CIM_LocalCredentialManagementService
1608 {
1609 [MaxLen (256), Description (
1610 "The Algorithm used to convey the shared secret, such as "
1611 "HMAC-MD5,or PLAINTEXT.") ]
1612 string Algorithm;
1613 [Description (
1614 "The Protocol supported by the SharedSecretService.")]
1615 string Protocol;
1616 karl 1.1 };
1617
1618 // ==================================================================
1619 // PublicKeyManagementService
1620 // ==================================================================
1621 [Description (
1622 "CIM_PublicKeyManagementService is a credential management "
1623 "service that provides local system management of public "
1624 "keys used by the local system.") ]
1625 class CIM_PublicKeyManagementService:CIM_LocalCredentialManagementService
1626 {
1627 };
1628
1629 // ==================================================================
1630 // Credential
1631 // ==================================================================
1632 [Abstract, Description (
1633 "Subclasses of CIM_Credential define materials, "
1634 "information, or other data which are used to prove the "
1635 "identity of a CIM_UsersAccess to a particular "
1636 "CIM_SecurityService. Generally, there may be some shared "
1637 karl 1.1 "information, or credential material which is used to "
1638 "identify and authenticate ones self in the process of "
1639 "gaining access to, or permission to use, an Account. "
1640 "Such credential material may be used to authenticate a "
1641 "users access identity initially, as done by a "
1642 "CIM_AuthenticationService (see later), and additionally on "
1643 "an ongoing basis during the course of a connection or "
1644 "other security association, as proof that each received "
1645 "message or communication came from the owning user access of "
1646 "that credential material.") ]
1647 class CIM_Credential:CIM_ManagedElement
1648 {
1649 };
1650
1651
1652 // ==================================================================
1653 // PublicKeyCertificate
1654 // ==================================================================
1655 [Description ("A Public Key Certificate is a credential "
1656 "that is cryptographically signed by a trusted Certificate "
1657 "Authority (CA) and issued to an authenticated entity "
1658 karl 1.1 "(e.g., human user, service,etc.) called the Subject in "
1659 "the certificate and represented by the UsersAccess class. "
1660 "The public key in the certificate is cryptographically "
1661 "related to a private key that is to be held and kept "
1662 "private by the authenticated Subject. The certificate "
1663 "and its related private key can then be used for "
1664 "establishing trust relationships and securing "
1665 "communications with the Subject. Refer to the ITU/CCITT "
1666 "X.509 standard as an example of such certificates.") ]
1667 class CIM_PublicKeyCertificate:CIM_Credential
1668 {
|
1855 karl 1.1 Key, MaxLen (256),Description ("Scoping System")]
1856 string SystemName;
1857 [Propagated ("CIM_SharedSecretService.CreationClassName"),
1858 Key, MaxLen (256), Description ("Scoping Service")]
1859 string ServiceCreationClassName;
1860 [Propagated ("CIM_SharedSecretService.Name"),
1861 Key, MaxLen (256), Description ("Scoping Service")]
1862 string ServiceName;
1863 [Key, MaxLen (256), Description (
1864 "The local Identity with whom the direct trust "
1865 "relationship exists."),
1866 ModelCorrespondence
1867 {"CIM_NamedSharedIKESecret.LocalIdentityType" } ]
1868 string LocalIdentity;
1869 [Key, Description ("LocalIdentityType is used to describe "
1870 "the type of the LocalIdentity."),
1871 ValueMap {"1", "2", "3", "4", "5", "6", "7", "8",
1872 "9", "10", "11"},
1873 Values {"IPV4_ADDR", "FQDN", "USER_FQDN",
1874 "IPV4_ADDR_SUBNET", "IPV6_ADDR", "IPV6_ADDR_SUBNET",
1875 "IPV4_ADDR_RANGE", "IPV6_ADDR_RANGE", "DER_ASN1_DN",
1876 karl 1.1 "DER_ASN1_GN", "KEY_ID"},
1877 ModelCorrespondence
1878 {"CIM_NamedSharedIKESecret.LocalIdentity" } ]
1879 uint16 LocalIdentityType;
1880 [Key, MaxLen (256), Description (
1881 "The peer identity with whom the direct trust "
1882 "relationship exists."),
1883 ModelCorrespondence
1884 {"CIM_NamedSharedIKESecret.PeerIdentityType" } ]
1885 string PeerIdentity;
1886 [Key, Description ("PeerIdentityType is used to describe "
1887 "the type of the PeerIdentity."),
1888 ValueMap {"1", "2", "3", "4", "5", "6", "7", "8",
1889 "9", "10", "11"},
1890 Values {"IPV4_ADDR", "FQDN", "USER_FQDN",
1891 "IPV4_ADDR_SUBNET", "IPV6_ADDR", "IPV6_ADDR_SUBNET",
1892 "IPV4_ADDR_RANGE", "IPV6_ADDR_RANGE", "DER_ASN1_DN",
1893 "DER_ASN1_GN", "KEY_ID"},
1894 ModelCorrespondence
1895 {"CIM_NamedSharedIKESecret.PeerIdentity" } ]
1896 uint16 PeerIdentityType;
1897 karl 1.1 [Description ("SharedSecretName is an indirect reference "
1898 "to a shared secret. The SecretService does not expose "
1899 "the actual secret but rather provides access to the "
1900 "secret via a name.")]
1901 string SharedSecretName;
1902 };
1903
1904 // ==================================================================
1905 // AuthorizationService
1906 // ==================================================================
1907 [Description (
1908 "CIM_AuthorizationService determines whether a user, by "
1909 "association with an Account used by the AuthorizationService, is "
1910 "permitted access a resource or set of resources.") ]
1911 class CIM_AuthorizationService:CIM_SecurityService
1912 {
1913 };
1914
1915 // ==================================================================
1916 // AuthenticationRequirement
1917 // ==================================================================
1918 karl 1.1 [Description (
1919 "CIM_AuthenticationRequirement provides, through its "
1920 "associations, the authentication requirements for access to "
1921 "system resources. For a particular set of target resources, the "
1922 "AuthenticationService may require that credentials be issued by "
1923 "a specific CredentialManagementService. The "
1924 "AuthenticationRequirement class is weak to the system (e.g., "
1925 "Computer System or Administrative Domain) for which the "
1926 "requirements apply.")]
1927 class CIM_AuthenticationRequirement : CIM_LogicalElement
1928 {
1929 [Key, MaxLen (256), Propagated ("CIM_System.CreationClassName"),
1930 Description ("Hosting system creation class name")]
1931 string SystemCreationClassName;
1932 [Key, MaxLen (256), Propagated ("CIM_System.Name"),
1933 Description ("Hosting system name")]
1934 string SystemName;
1935 [Key, MaxLen (256), Description (
1936 "CreationClassName indicates the name of the class or the "
1937 "subclass used in the creation of an instance. When used "
1938 "with the other key properties of this class, this property "
1939 karl 1.1 "allows all instances of this class and its subclasses to "
1940 "be uniquely identified.")]
1941 string CreationClassName;
1942 [Key, MaxLen (256), Override ("Name"), Description (
1943 "The Name property defines the unique label, in the context of "
1944 "the hosting system, by which the AuthenticationRequirement "
1945 "is known.")]
1946 string Name;
1947 [Description (
1948 "The SecurityClassification property specifies a named level "
1949 "of security associated with the AuthenticationRequirement, "
1950 "e.g., 'Confidential', 'Top Secret', etc.")]
1951 string SecurityClassification;
1952 };
1953
1954
1955 // ==================================================================
1956 // AccessControlInformation
1957 // ==================================================================
1958 [Description (
1959 "CIM_AccessControlInformation provides, through its properties "
1960 karl 1.1 "and its associations, the specification of the access rights "
1961 "granted to a set of subject users to a set of target resources. "
1962 "The AccessControlInformation class is weak to the system (e.g., "
1963 "Computer System or Administrative Domain) for which the access "
1964 "controls apply.")]
1965 class CIM_AccessControlInformation: CIM_LogicalElement
1966 {
1967 [Key, MaxLen (256), Propagated ("CIM_System.CreationClassName"),
1968 Description ("Hosting system creation class name")]
1969 string SystemCreationClassName;
1970 [Key, MaxLen (256), Propagated ("CIM_System.Name"),
1971 Description ("Hosting system name")]
1972 string SystemName;
1973 [Key, MaxLen (256), Description (
1974 "CreationClassName indicates the name of the class or the "
1975 "subclass used in the creation of an instance. When used "
1976 "with the other key properties of this class, this property "
1977 "allows all instances of this class and its subclasses to "
1978 "be uniquely identified.")]
1979 string CreationClassName;
1980 [Key, MaxLen (256), Override ("Name"), Description (
1981 karl 1.1 "The Name property defines the unique label, in the context of "
1982 "the hosting system, by which the AccessControlInformation "
1983 "is known.")]
1984 string Name;
1985 [Description (
1986 "The SecurityClassification property specifies a named level "
1987 "of security associated with the AccessControlInformation, "
1988 "e.g., 'Confidential', 'Top Secret', etc.")]
1989 string SecurityClassification;
1990 [Description (
1991 "The AccessType property is an array of string values that "
1992 "specifies the type of access for which the corresponding "
1993 "permission applies. For example, it can be used to specify a "
1994 "generic access such as 'Read-only', 'Read/Write', etc. for "
1995 "file or record access control or it can be used to specifiy "
1996 "an entry point name for service access control."),
1997 ModelCorrespondence {
1998 "CIM_AccessControlInformation.AccessQualifier",
1999 "CIM_AccessControlInformation.Permission" } ]
2000 string AccessType[];
2001 [Description (
2002 karl 1.1 "The AccessQualifier property is an array of string values "
2003 "may be used to further qualify the type of access for which "
2004 "the corresponding permission applies. For example, it may be "
2005 "used to specify a set of parameters that are permitted or "
2006 "denied in conjunction with the corresponding AccessType entry "
2007 "point name."),
2008 ModelCorrespondence {
2009 "CIM_AccessControlInformation.AccessType",
2010 "CIM_AccessControlInformation.Permission" } ]
2011 string AccessQualifier[];
2012 [Description (
2013 "The Permission property is an array of string values "
2014 "indicating the permission that applies to the corrsponding "
2015 "AccessType and AccessQualifier array values. The values "
2016 "may be extended in subclasses to provide more specific access "
2017 "controls."),
2018 ValueMap {"Unknown", "Allow", "Deny", "Manage"},
2019 ModelCorrespondence {
2020 "CIM_AccessControlInformation.AccessType",
2021 "CIM_AccessControlInformation.AccessQualifier" } ]
2022 string Permission[];
2023 karl 1.1 };
2024
2025 // ==================================================================
2026 // === Association class definitions ===
2027 // ==================================================================
2028
2029 // Aggregations
2030
2031 // ==================================================================
2032 // MemberPrincipal
2033 // ==================================================================
2034 [Association, Aggregation, Description (
2035 "CIM_MemberPrincipal is an aggregation used to establish "
2036 "membership of principals (i.e., users) in a Collection. That "
2037 "membership can be established either directly or indirectly as "
2038 "indicated in the UsersAccessBy property. For example, a user "
2039 "may be identified directly by their userid (i.e., Account object "
2040 "instance) or the user may be identified indirectly by realm from "
2041 "which a ticket was issued (i.e., CredentialManagementService "
2042 "object instance). The latter case is useful, for example, for "
2043 "specifying that only users identified by an internal credential "
2044 karl 1.1 "service are permitted to access very sensitive information." ) ]
2045 class CIM_MemberPrincipal: CIM_MemberOfCollection
2046 {
2047 [Override ("Collection") ]
2048 CIM_Collection REF Collection;
2049 [Override ("Member") ]
2050 CIM_ManagedElement REF Member;
2051 [Description (
2052 "A MemberPrincipal may be identifed in several ways that may "
2053 "be either direct or indirect membership in the collection. "
2054 " - A 'UsersAccess' membership directly identifies the user by "
2055 " the UsersAccess object instance. "
2056 " - An 'Account' membership directly identifies the user by "
2057 " the Account object class instance. "
2058 " - A 'UsingElement' membership indirectly identifies the user "
2059 " by the ManagedElement object instance that has "
2060 " ElementAsUser associations to UsersAccess object "
2061 " instances. Hence, all UsersAccess instances are "
2062 " indirectly included in the collection. "),
2063 ValueMap {"1", "2", "3", "4" },
2064 Values {"UsersAccess", "Account", "UsingElement",
2065 karl 1.1 "CredentialManagementService"} ]
2066 uint16 UserAccessBy;
2067 };
2068
2069
2070 // ===================================================================
2071 // AccountOnSystem
2072 // ===================================================================
2073 [Association, Aggregation, Description (
2074 "A system (e.g., ApplicationSystem, ComputerSystem, AdminDomain) "
2075 "aggregates Accounts and scopes the uniqueness of the Account "
2076 "names (i.e., userids).") ]
2077 class CIM_AccountOnSystem : CIM_SystemComponent
2078 {
2079 [Override ("GroupComponent"), Min (1), Max (1),
2080 Description ("The aggregating system also provides name scoping "
2081 "for the Account.")]
2082 CIM_System REF GroupComponent;
2083 [Override ("PartComponent"), Weak,
2084 Description ("The subordinate Account")]
2085 CIM_Account REF PartComponent;
2086 karl 1.1 };
2087
2088 // ==================================================================
2089 // OrgStructure
2090 // ==================================================================
2091 [Association, Aggregation, Description (
2092 "CIM_OrgStructure is an association used to establish parent-child "
2093 "relationships between OrganizationalEntity instances. This is "
2094 "used to capture organizational relationships between object "
2095 "instances such as those that are imported from an LDAP-accessible "
2096 "directory.") ]
2097 class CIM_OrgStructure
2098 {
2099 [Key, Max (1),
2100 Description ("The organizational parent in this association.") ]
2101 CIM_OrganizationalEntity REF Parent;
2102 [Key,
2103 Description ("The organizational child in this association, "
2104 "i.e., the sub-unit or other owned object instance.") ]
2105 CIM_OrganizationalEntity REF Child;
2106 };
2107 karl 1.1
2108 // ==================================================================
2109 // CollectionInOrganization
2110 // ==================================================================
2111 [Association, Aggregation, Description (
2112 "CIM_CollectionInOrganization is an association used to establish "
2113 "a parent-child relationship between a collection and an 'owning' "
2114 "OrganizationalEntity. A single collection should not have both "
2115 "a CollectionInOrganization and a CollectionInSystem association."
2116 )]
2117 class CIM_CollectionInOrganization
2118 {
2119 [Key, Max (1),
2120 Description ("The parent organization responsible for the "
2121 "collection.") ]
2122 CIM_OrganizationalEntity REF Parent;
2123 [Key,
2124 Description ("The collection") ]
2125 CIM_Collection REF Child;
2126 };
2127
2128 karl 1.1 // ==================================================================
2129 // CollectionInSystem
2130 // ==================================================================
2131 [Association, Aggregation, Description (
2132 "CIM_CollectionInSystem is an association used to establish a "
2133 "parent-child relationship between a collection and an 'owning' "
2134 "System such as an AdminDomain or ComputerSystem. A single "
2135 "collection should not have both a CollectionInOrganization and a "
2136 "CollectionInSystem association." )]
2137 class CIM_CollectionInSystem
2138 {
2139 [Key, Max (1),
2140 Description ("The parent system responsible for the "
2141 "collection.") ]
2142 CIM_System REF Parent;
2143 [Key,
2144 Description ("The collection") ]
2145 CIM_Collection REF Child;
2146 };
2147
2148 // Associations
2149 karl 1.1
2150 // ==================================================================
2151 // ElementAsUser
2152 // ==================================================================
2153 [Association, Description (
2154 "CIM_ElementAsUser is an association used to establish the "
2155 "'ownership' of UsersAccess object instances. That is, the "
2156 "ManagedElement may have UsersAccess to systems and, therefore, "
2157 "be 'users' on those systems. UsersAccess instances must have an "
2158 "'owning' ManagedElement. Typically, the ManagedElements will be "
2159 "limited to Collection, Person, Service and ServiceAccessPoint. "
2160 "Other non-human ManagedElements that might be thought of as "
2161 "having UsersAccess (e.g., a device or system) have services that "
2162 "have the UsersAccess.")]
2163 class CIM_ElementAsUser : CIM_Dependency
2164 {
2165 [Min (1), Max (1), Override ("Antecedent"),
2166 Description ("The ManagedElement that has UsersAccess") ]
2167 CIM_ManagedElement REF Antecedent;
2168 [Override ("Dependent"),
2169 Description ("The 'owned' UsersAccess") ]
2170 karl 1.1 CIM_UsersAccess REF Dependent;
2171 };
2172
2173
2174 // ==================================================================
2175 // MoreOrganizationInfo
2176 // ==================================================================
2177 [Association, Description (
2178 "CIM_MoreOrganizationInfo is an association used to extend the "
2179 "information in a CIM_Organization class instance."
2180 )]
2181 class CIM_MoreOrganizationInfo : CIM_Dependency
2182 {
2183 [Max (1), Override ("Antecedent"),
2184 Description (" "
2185 " ") ]
2186 CIM_Organization REF Antecedent;
2187 [Min (0), Max (1), Override ("Dependent"),
2188 Description (" ") ]
2189 CIM_OtherOrganizationInformation REF Dependent;
2190 };
2191 karl 1.1
2192 // ==================================================================
2193 // MoreOrgUnitInfo
2194 // ==================================================================
2195 [Association, Description (
2196 "CIM_MoreOrgUnitInfo is an association used to extend the "
2197 "information in an CIM_OrgUnit class instance."
2198 )]
2199 class CIM_MoreOrgUnitInfo : CIM_Dependency
2200 {
2201 [Max (1), Override ("Antecedent"),
2202 Description (" "
2203 " ") ]
2204 CIM_OrgUnit REF Antecedent;
2205 [Min (0), Max (1), Override ("Dependent"),
2206 Description (" ") ]
2207 CIM_OtherOrgUnitInformation REF Dependent;
2208 };
2209
2210 // ==================================================================
2211 // MoreGroupInfo
2212 karl 1.1 // ==================================================================
2213 [Association, Description (
2214 "CIM_MoreGroupInfo is an association used to extend the "
2215 "information in a CIM_Group class instance."
2216 )]
2217 class CIM_MoreGroupInfo : CIM_Dependency
2218 {
2219 [Max (1), Override ("Antecedent"),
2220 Description (" "
2221 " ") ]
2222 CIM_Group REF Antecedent;
2223 [Min (0), Max (1), Override ("Dependent"),
2224 Description (" ") ]
2225 CIM_OtherGroupInformation REF Dependent;
2226 };
2227
2228 // ==================================================================
2229 // MoreRoleInfo
2230 // ==================================================================
2231 [Association, Description (
2232 "CIM_MoreRoleInfo is an association used to extend the "
2233 karl 1.1 "information in a CIM_Role class instance."
2234 )]
2235 class CIM_MoreRoleInfo : CIM_Dependency
2236 {
2237 [Max (1), Override ("Antecedent"),
2238 Description (" "
2239 " ") ]
2240 CIM_Role REF Antecedent;
2241 [Min (0), Max (1), Override ("Dependent"),
2242 Description (" ") ]
2243 CIM_OtherRoleInformation REF Dependent;
2244 };
2245
2246 // ==================================================================
2247 // MorePersonInfo
2248 // ==================================================================
2249 [Association, Description (
2250 "CIM_MorePersonInfo is an association used to extend the "
2251 "information in a CIM_Person class instance."
2252 )]
2253 class CIM_MorePersonInfo : CIM_Dependency
2254 karl 1.1 {
2255 [Max (1), Override ("Antecedent"),
2256 Description (" "
2257 " ") ]
2258 CIM_Person REF Antecedent;
2259 [Min (0), Max (1), Override ("Dependent"),
2260 Description (" ") ]
2261 CIM_OtherPersonInformation REF Dependent;
2262 };
2263
2264
2265 // ==================================================================
2266 // SystemAdministrator
2267 // ==================================================================
2268 [Association, Description (
2269 "CIM_SystemAdministrator is an association used to identify "
2270 "the UserEntity as a system administrator of a CIM_System." ) ]
2271 class CIM_SystemAdministrator: CIM_Dependency
2272 {
2273 [Override ("Antecedent"), Description (
2274 "The administered system.") ]
2275 karl 1.1 CIM_System REF Antecedent;
2276 [Override ("Dependent"), Description (
2277 "The UserEntity that provides the admininstrative function "
2278 "for the associated system.") ]
2279 CIM_UserEntity REF Dependent;
2280
2281 };
2282
2283 // ==================================================================
2284 // SystemAdministratorGroup
2285 // ==================================================================
2286 [Association, Description (
2287 "CIM_SystemAdministratorGroup is an association used to identify "
2288 "a Group that has system administrator responsibilities for a "
2289 "CIM_System. " )]
2290 class CIM_SystemAdministratorGroup : CIM_Dependency
2291 {
2292 [Override ("Antecedent"),
2293 Description ("The administered system") ]
2294 CIM_System REF Antecedent;
2295 [Override ("Dependent"),
2296 karl 1.1 Description ("The Group of administrators") ]
2297 CIM_Group REF Dependent;
2298 };
2299
2300 // ==================================================================
2301 // SystemAdministratorRole
2302 // ==================================================================
2303 [Association, Description (
2304 "CIM_SystemAdministratorRole is an association used to identify "
2305 "a system administrator Role for a CIM_System.")]
2306 class CIM_SystemAdministratorRole : CIM_Dependency
2307 {
2308 [Override ("Antecedent"),
2309 Description ("The administered system") ]
2310 CIM_System REF Antecedent;
2311 [Override ("Dependent"),
2312 Description ("The system administration role") ]
2313 CIM_Role REF Dependent;
2314 };
2315
2316 // ===================================================================
2317 karl 1.1 // UsersAccount
2318 // ===================================================================
2319 [Association, Description (
2320 "This relationship associates UsersAccess with the Accounts "
2321 "with which they're able to interact.") ]
2322 class CIM_UsersAccount : CIM_Dependency
2323 {
2324 [Override ("Antecedent"),
2325 Description ( "The user's Account") ]
2326 CIM_Account REF Antecedent;
2327 [Override ("Dependent"),
2328 Description ( "The User as identified by their UsersAccess "
2329 "instance")]
2330 CIM_UsersAccess REF Dependent;
2331 };
2332
2333
2334 // ===================================================================
2335 // AccountMapsToAccount
2336 // ===================================================================
2337 [Association, Description (
2338 karl 1.1 "This relationship may be used to associate an Account used by an "
2339 "AuthenticationService to an Account used for Authorization. For "
2340 "instance, this mapping occurs naturally in the UNIX /etc/passwd "
2341 "file, where the AuthenticationSerice Account ('root') is mapped "
2342 "to the AuthorizationService Account ('0'). The two are separate "
2343 "accounts, as evidenced by the ability to have another "
2344 "AuthenticationService Account which ALSO maps to the "
2345 "AuthorizationService Account ('0') without ambiguity. This "
2346 "association may be used for other account mappings as well such "
2347 "as for coordinating single signon for multiple accounts for the "
2348 "same user.") ]
2349 class CIM_AccountMapsToAccount : CIM_Dependency
2350 {
2351 [Override ("Antecedent"),
2352 Description ( "An Account") ]
2353 CIM_Account REF Antecedent;
2354 [Override ("Dependent"),
2355 Description ( "A related Account")]
2356 CIM_Account REF Dependent;
2357 };
2358
2359 karl 1.1 // ===================================================================
2360 // SecurityServiceUsesAccount
2361 // ===================================================================
2362 [Association, Description (
2363 "This relationship associates SecurityService instances to "
2364 "the Accounts they use in the course of their work.") ]
2365 class CIM_SecurityServiceUsesAccount : CIM_Dependency
2366 {
2367 [ Override ("Antecedent") ]
2368 CIM_Account REF Antecedent;
2369 [ Override ("Dependent") ]
2370 CIM_SecurityService REF Dependent;
2371 };
2372
2373
2374 // ===================================================================
2375 // ManagesAccount
2376 // ===================================================================
2377 [Association, Description (
2378 "This relationship associates the AccountManagement security "
2379 "service to the Accounts for which it is responsible.") ]
2380 karl 1.1 class CIM_ManagesAccount:CIM_Dependency
2381 {
2382 [ Override ("Antecedent") ]
2383 CIM_AccountManagementService REF Antecedent;
2384 [ Override ("Dependent") ]
2385 CIM_Account REF Dependent;
2386 };
2387
2388 // ===================================================================
2389 // ServiceUsesSecurityService
2390 // ===================================================================
2391 [Association, Description (
2392 "This relationship associates a Services with the Security "
2393 "Service it uses.") ]
2394 class CIM_ServiceUsesSecurityService : CIM_ServiceServiceDependency
2395 {
2396 [ Override ("Antecedent") ]
2397 CIM_SecurityService REF Antecedent;
2398 [ Override ("Dependent") ]
2399 CIM_Service REF Dependent;
2400 };
2401 karl 1.1
2402 // ===================================================================
2403 // SecurityServiceForSystem
2404 // ===================================================================
2405 [Association, Description (
2406 "The CIM_SecurityServiceForSystem provides the association between "
2407 "a System and a SecurityService that provides services for that "
2408 "system." ) ]
2409 class CIM_SecurityServiceForSystem : CIM_ProvidesServiceToElement
2410 {
2411 [Override ("Antecedent"), Description (
2412 "The SecurityService that provides services for the system.")]
2413 CIM_SecurityService REF Antecedent;
2414 [Override ("Dependent"), Description (
2415 "The system that is dependent on the security service.")]
2416 CIM_System REF Dependent;
2417 };
2418
2419
2420 // ===================================================================
2421 // ManagesAccountOnSystem
2422 karl 1.1 // ===================================================================
2423 [Association, Description (
2424 "The CIM_ManagesAccountOnSystem provides the association between a "
2425 "System and the AccountManagementService that manages accounts for "
2426 "that system." ) ]
2427 class CIM_ManagesAccountOnSystem:CIM_SecurityServiceForSystem
2428 {
2429 [Override ("Antecedent"), Description (
2430 "An AccountManagementService that manages accounts for the "
2431 "system.")]
2432 CIM_AccountManagementService REF Antecedent;
2433 [Override ("Dependent"), Description (
2434 "The system that is dependent on the AccountManagementService."
2435 )]
2436 CIM_System REF Dependent;
2437 };
2438
2439 // ==================================================================
2440 // TrustHierarchy
2441 // ==================================================================
2442 [Association, Description (
2443 karl 1.1 "CIM_TrustHierarchy is an association between two "
2444 "CredentialManagementService instances that establishes "
2445 "the trust hierarchy between them.") ]
2446 class CIM_TrustHierarchy:CIM_Dependency
2447 {
2448 [Override ("Antecedent"), Max (1),
2449 Description ("The superior CredentialManagementService "
2450 "from which the dependent service gets its authority.") ]
2451 CIM_CredentialManagementService REF Antecedent;
2452 [Override ("Dependent"), Description (
2453 "The subordinate CredentialManagementService.") ]
2454 CIM_CredentialManagementService REF Dependent;
2455 };
2456
2457 // ==================================================================
2458 // UsersCredential
2459 // ==================================================================
2460 [Association, Description (
2461 "CIM_UsersCredential is an association used to establish the "
2462 "credentials that may be used for a UsersAccess to a system or "
2463 "set of systems. " )]
2464 karl 1.1 class CIM_UsersCredential : CIM_Dependency
2465 {
2466 [Override ("Antecedent"),
2467 Description ("The issued credential that may be used.") ]
2468 CIM_Credential REF Antecedent;
2469 [Override ("Dependent"),
2470 Description ("The UsersAccess that has use of a credential") ]
2471 CIM_UsersAccess REF Dependent;
2472 };
2473
2474 // ===================================================================
2475 // PublicPrivateKeyPair
2476 // ===================================================================
2477 [Association, Description (
2478 "This relationship associates a PublicKeyCertificate with "
2479 "the Principal who has the PrivateKey used with the "
2480 "PublicKey. The PrivateKey is not modeled, since it is not "
2481 "a data element that ever SHOULD be accessible via "
2482 "management applications, other than key recovery services, "
2483 "which are outside our scope.") ]
2484 class CIM_PublicPrivateKeyPair:CIM_UsersCredential
2485 karl 1.1 {
2486 [ Override ("Antecedent") ]
2487 CIM_PublicKeyCertificate REF Antecedent;
2488 [ Override ("Dependent") ]
2489 CIM_UsersAccess REF Dependent;
2490 [Description ( "The Certificate may be used for signature only "
2491 "or for confidentiality as well as signature"),
2492 Values { "SignOnly", "ConfidentialityOrSignature"} ]
2493 uint16 Use;
2494 boolean NonRepudiation;
2495 boolean BackedUp;
2496 [Description ("The repository in which the certificate is "
2497 "backed up.")]
2498 string Repository;
2499 };
2500
2501
2502 // ===================================================================
2503 // CAHasPublicCertificate
2504 // ===================================================================
2505 [Association, Description (
2506 karl 1.1 "A CertificateAuthority may have certificates issued by other CAs. "
2507 "This association is essentially an optimization of the CA having "
2508 "a UsersAccess instance with an association to a certificate thus "
2509 "mapping more closely to LDAP-based certificate authority "
2510 "implementations.") ]
2511 class CIM_CAHasPublicCertificate:CIM_Dependency
2512 {
2513 [Max (1), Override ("Antecedent"),
2514 Description ("The Certificate used by the CA")]
2515 CIM_PublicKeyCertificate REF Antecedent;
2516 [Override ("Dependent"),
2517 Description ("The CA that uses a Certificate")]
2518 CIM_CertificateAuthority REF Dependent;
2519 };
2520
2521
2522 // ===================================================================
2523 // ManagedCredential
2524 // ===================================================================
2525 [Association, Description (
2526 "This relationship associates a CredentialManagementService "
2527 karl 1.1 "with the Credential it manages.") ]
2528 class CIM_ManagedCredential:CIM_Dependency
2529 {
2530 [Override ("Antecedent"), Min (1), Max (1),
2531 Description ( "The credential management service")]
2532 CIM_CredentialManagementService REF Antecedent;
2533 [Override ("Dependent"),
2534 Description ( "The managed credential")]
2535 CIM_Credential REF Dependent;
2536 };
2537
2538 // ===================================================================
2539 // CASignsPublicKeyCertificate
2540 // ===================================================================
2541 [Association, Description (
2542 "This relationship associates a CertificateAuthority with "
2543 "the certificates it signs.") ]
2544 class CIM_CASignsPublicKeyCertificate:CIM_ManagedCredential
2545 {
2546 [Override ("Antecedent"), Min (1), Max (1),
2547 Description ( "The CA which signed the certificate")]
2548 karl 1.1 CIM_CertificateAuthority REF Antecedent;
2549 [Override ("Dependent"), Weak,
2550 Description ( "The certificate issued by the CA")]
2551 CIM_PublicKeyCertificate REF Dependent;
2552 string SerialNumber;
2553 [ Octetstring ]
2554 uint8 Signature[];
2555 datetime Expires;
2556 string CRLDistributionPoint[];
2557 };
2558
2559 // ==================================================================
2560 // LocallyManagedPublicKey
2561 // ==================================================================
2562 [Association, Description (
2563 "CIM_LocallyManagedPublicKey association provides the "
2564 "relationship between a PublicKeyManagementService and an "
2565 "UnsignedPublicKey.") ]
2566 class CIM_LocallyManagedPublicKey:CIM_ManagedCredential
2567 {
2568 [Override ("Antecedent"), Min (1), Max (1),
2569 karl 1.1 Description ("The PublicKeyManagementService that manages "
2570 "an unsigned public key.") ]
2571 CIM_PublicKeyManagementService REF Antecedent;
2572 [Override ("Dependent"), Weak, Description (
2573 "An unsigned public key.") ]
2574 CIM_UnsignedPublicKey REF Dependent;
2575 };
2576
2577 // ===================================================================
2578 // SharedSecretIsShared
2579 // ===================================================================
2580 [Association, Description (
2581 "This relationship associates a SharedSecretService with the "
2582 "SecretKey it verifies.") ]
2583 class CIM_SharedSecretIsShared : CIM_ManagedCredential
2584 {
2585 [Override ("Antecedent"), Min (1), Max (1),
2586 Description ("The credential management service")]
2587 CIM_SharedSecretService REF Antecedent;
2588 [Override ("Dependent"), Weak,
2589 Description ( "The managed credential")]
2590 karl 1.1 CIM_SharedSecret REF Dependent;
2591 };
2592
2593 // ==================================================================
2594 // IKESecretIsNamed
2595 // ==================================================================
2596 [Association, Description (
2597 "CIM_IKESecretIsNamed association provides the "
2598 "relationship between a SharedSecretService and a "
2599 "NamedSharedIKESecret.") ]
2600 class CIM_IKESecretIsNamed:CIM_ManagedCredential
2601 {
2602 [Override ("Antecedent"), Min (1), Max (1),
2603 Description ("The SharedSecretService that manages a "
2604 "NamedSharedIKESecret.")]
2605 CIM_SharedSecretService REF Antecedent;
2606 [Override ("Dependent"), Weak, Description (
2607 "The managed NamedSharedIKESecret.") ]
2608 CIM_NamedSharedIKESecret REF Dependent;
2609 };
2610
2611 karl 1.1 // ===================================================================
2612 // KDCIssuesKerberosTicket
2613 // ===================================================================
2614 [Association, Description (
2615 "The KDC issues and owns Kerberos tickets. This association "
2616 "captures the relationship between the KDC and its issued tickets."
2617 ) ]
2618 class CIM_KDCIssuesKerberosTicket:CIM_ManagedCredential
2619 {
2620 [Override ("Antecedent"), Min (1), Max (1),
2621 Description ( "The issuing KDC") ]
2622 CIM_KerberosKeyDistributionCenter REF Antecedent;
2623 [Override ("Dependent"), Weak,
2624 Description ( "The managed credential")]
2625 CIM_KerberosTicket REF Dependent;
2626 };
2627
2628 // ===================================================================
2629 // NotaryVerifiesBiometric
2630 // ===================================================================
2631 [Association, Description (
2632 karl 1.1 "This relationship associates a Notary service with the "
2633 "Users Access whose biometric information is verified.") ]
2634 class CIM_NotaryVerifiesBiometric : CIM_Dependency
2635 {
2636 [Override ("Antecedent"),
2637 Description ("The Notary service that verifies biometric "
2638 "information ") ]
2639 CIM_Notary REF Antecedent;
2640 [Override ("Dependent"),
2641 Description ( "The UsersAccess that represents a person using "
2642 "biometric information for authentication.")]
2643 CIM_UsersAccess REF Dependent;
2644 };
2645
2646
2647 // ==================================================================
2648 // HostedAuthenticationRequirement
2649 // ==================================================================
2650 [Association, Description (
2651 "CIM_HostedAuthenticationRequirement is an association used to "
2652 "provide the namespace scoping of AuthenticationRequirement. The "
2653 karl 1.1 "hosted requirements may or may not apply to resources on the "
2654 "hosting system." )]
2655 class CIM_HostedAuthenticationRequirement : CIM_Dependency
2656 {
2657 [Min (1), Max (1), Override ("Antecedent"),
2658 Description ("The hosting system") ]
2659 CIM_System REF Antecedent;
2660 [Override ("Dependent"), Weak,
2661 Description ("The hosted AuthenticationRequirement") ]
2662 CIM_AuthenticationRequirement REF Dependent;
2663 };
2664
2665 // ==================================================================
2666 // AuthenticateForUse
2667 // ==================================================================
2668 [Association, Description (
2669 "CIM_AuthenticateForUse is an association used to provide an "
2670 "AuthenticationService with the AuthenticationRequirement it "
2671 "needs to do its job.")]
2672 class CIM_AuthenticateForUse : CIM_Dependency
2673 {
2674 karl 1.1 [Override ("Antecedent"),
2675 Description ("AuthenticationRequirement for use") ]
2676 CIM_AuthenticationRequirement REF Antecedent;
2677 [Override ("Dependent"),
2678 Description ("AuthenticationService that uses the requirements"
2679 ) ]
2680 CIM_AuthenticationService REF Dependent;
2681 };
2682
2683 // ==================================================================
2684 // RequireCredentialsFrom
2685 // ==================================================================
2686 [Association, Description (
2687 "CIM_RequireCredentialsFrom is an association used to require "
2688 "that credentials are issued by particular Credential Management "
2689 "Services in order to authenticate a user." )]
2690 class CIM_RequireCredentialsFrom : CIM_Dependency
2691 {
2692 [Override ("Antecedent"),
2693 Description ("CredentialManagementService from which "
2694 "credentials are accepted for the associated "
2695 karl 1.1 "AuthenticationRequirement.") ]
2696 CIM_CredentialManagementService REF Antecedent;
2697 [Override ("Dependent"),
2698 Description ("AuthenticationRequirement that limit acceptable "
2699 "credentials. ") ]
2700 CIM_AuthenticationRequirement REF Dependent;
2701 };
2702
2703 // ==================================================================
2704 // AuthenticationTarget
2705 // ==================================================================
2706 [Association, Description (
2707 "CIM_AuthenticationTarget is an association used to apply "
2708 "authentication requirements for access to specific resources. "
2709 "For example, a shared secret may be sufficient for access to "
2710 "unclassified resources, but for confidential resources, a "
2711 "stronger authentication may be required." )]
2712 class CIM_AuthenticationTarget : CIM_Dependency
2713 {
2714 [Override ("Antecedent"),
2715 Description ("AuthenticationRequirement that apply to "
2716 karl 1.1 "specific resources") ]
2717 CIM_AuthenticationRequirement REF Antecedent;
2718 [Override ("Dependent"),
2719 Description ("Target resources that may be in a Collection or "
2720 "an individual ManagedElement. These resources are protected "
2721 "by the AuthenticationRequirement.") ]
2722 CIM_ManagedElement REF Dependent;
2723 };
2724
2725 // ==================================================================
2726 // HostedACI
2727 // ==================================================================
2728 [Association, Description (
2729 "CIM_HostedACI is an association used to provide the namespace "
2730 "scoping of AccessControlInformation. The hosted ACI may or may "
2731 "not apply to resources on the hosting system." )]
2732 class CIM_HostedACI : CIM_Dependency
2733 {
2734 [Min (1), Max (1), Override ("Antecedent"),
2735 Description ("The hosting system") ]
2736 CIM_System REF Antecedent;
2737 karl 1.1 [Override ("Dependent"), Weak,
2738 Description ("The hosted AccessControlInformation") ]
2739 CIM_AccessControlInformation REF Dependent;
2740 };
2741
2742 // ==================================================================
2743 // AuthorizedUse
2744 // ==================================================================
2745 [Association, Description (
2746 "CIM_AuthorizedUse is an association used to provide an "
2747 "AuthorizationService with the AccessControlInformation it needs "
2748 "to do its job." )]
2749 class CIM_AuthorizedUse : CIM_Dependency
2750 {
2751 [Override ("Antecedent"),
2752 Description ("AccessControlInformation") ]
2753 CIM_AccessControlInformation REF Antecedent;
2754 [Override ("Dependent"),
2755 Description ("AuthorizationService that uses an ACI.") ]
2756 CIM_AuthorizationService REF Dependent;
2757 };
2758 karl 1.1
2759 // ==================================================================
2760 // AuthorizationSubject
2761 // ==================================================================
2762 [Association, Description (
2763 "CIM_AuthorizationSubject is an association used to apply "
2764 "authorization decisions to specific subjects (i.e., users). The "
2765 "subjects may be identified directly or they may be aggregated "
2766 "into a collection that may, in turn, use the MemberPrincipal "
2767 "association to provide further indirection in the specification "
2768 "of the subject set." )]
2769 class CIM_AuthorizationSubject : CIM_Dependency
2770 {
2771 [Override ("Antecedent"), Description (
2772 "AccessControlInformation that applies to a subject set.") ]
2773 CIM_AccessControlInformation REF Antecedent;
2774 [Override ("Dependent"), Description (
2775 "The subject set may be specified as a collection or as a set "
2776 "of associations to ManagedElements that represent users.") ]
2777 CIM_ManagedElement REF Dependent;
2778 };
2779 karl 1.1
2780 // ==================================================================
2781 // AuthorizationTarget
2782 // ==================================================================
2783 [Association, Description (
2784 "CIM_AuthorizationTarget is an association used to apply "
2785 "authorization decisions to specific target resources. The "
2786 "target resources may be aggregated into a collection or may be "
2787 "represented as a set of associations to ManagedElements." )]
2788 class CIM_AuthorizationTarget : CIM_Dependency
2789 {
2790 [Override ("Antecedent"), Description (
2791 "AccessControlInformation that applies to the target set.") ]
2792 CIM_AccessControlInformation REF Antecedent;
2793 [Override ("Dependent"), Description (
2794 "The target set of resources may be specified as a collection "
2795 "or as a set of associations to ManagedElements that represent "
2796 "target resources.") ]
2797 CIM_ManagedElement REF Dependent;
2798 };
2799
2800 karl 1.1
2801 // End of file
2802
2803
2804
2805
|