This is a summary of information regarding objects below the snmpVacmMIB MIB object, which is defined within the SNMP-VIEW-BASED-ACM-MIB MIB document as .1.3.6.1.6.3.16.
Name | Type | Access | OID | Description |
---|---|---|---|---|
1
vacmViewSpinLock |
INTEGER
Legal values: 0 .. 2147483647 TestAndIncr | ReadWrite | .1.3.6.1.6.3.16.1.5.1 |
Note: this object is based on the TestAndIncr TEXTUAL-CONVENTION. An advisory lock used to allow cooperating SNMP Command Generator applications to coordinate their use of the Set operation in creating or modifying views. When creating a new view or altering an existing view, it is important to understand the potential interactions with other uses of the view. The vacmViewSpinLock should be retrieved. The name of the view to be created should be determined to be unique by the SNMP Command Generator application by consulting the vacmViewTreeFamilyTable. Finally, the named view may be created (Set), including the advisory lock. If another SNMP Command Generator application has altered the views in the meantime, then the spin lock's value will have changed, and so this creation will fail because it will specify the wrong value for the spin lock. Since this is an advisory lock, the use of this lock is not enforced. |
Name | Type | Access | Description |
---|---|---|---|
1
vacmContextName |
OCTETSTR
Legal Lengths: 0 .. 32 SnmpAdminString | ReadOnly |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. A human readable name identifying a particular context at a particular SNMP entity. The empty contextName (zero length) represents the default context. |
Name | Type | Access | Description |
---|
Name | Type | Access | Description |
---|---|---|---|
1
vacmSecurityModel |
INTEGER
Legal values: 1 .. 2147483647 SnmpSecurityModel | NoAccess |
Note: this object is based on the SnmpSecurityModel TEXTUAL-CONVENTION. The Security Model, by which the vacmSecurityName referenced by this entry is provided. Note, this object may not take the 'any' (0) value. |
2
vacmSecurityName |
OCTETSTR
Legal Lengths: 1 .. 32 SnmpAdminString | NoAccess |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. The securityName for the principal, represented in a Security Model independent format, which is mapped by this entry to a groupName. |
Name | Type | Access | Description |
---|---|---|---|
3
vacmGroupName |
OCTETSTR
Legal Lengths: 1 .. 32 SnmpAdminString | Create |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. The name of the group to which this entry (e.g., the combination of securityModel and securityName) belongs. This groupName is used as index into the vacmAccessTable to select an access control policy. However, a value in this table does not imply that an instance with the value exists in table vacmAccesTable. |
4
vacmSecurityToGroupStorageType |
INTEGER
StorageType (ENUM list below) | Create |
Note: this object is based on the StorageType TEXTUAL-CONVENTION. The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. |
5
vacmSecurityToGroupStatus |
INTEGER
RowStatus (ENUM list below) | Create |
Note: this object is based on the RowStatus TEXTUAL-CONVENTION. The status of this conceptual row. Until instances of all corresponding columns are appropriately configured, the value of the corresponding instance of the vacmSecurityToGroupStatus column is 'notReady'. In particular, a newly created row cannot be made active until a value has been set for vacmGroupName. The RowStatus TC [RFC2579] requires that this DESCRIPTION clause states under which circumstances other objects in this row can be modified: The value of this object has no effect on whether other objects in this conceptual row can be modified. |
Name | Type | Access | Description |
---|---|---|---|
3
vacmGroupName |
OCTETSTR
Legal Lengths: 1 .. 32 SnmpAdminString | Create |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. The name of the group to which this entry (e.g., the combination of securityModel and securityName) belongs. This groupName is used as index into the vacmAccessTable to select an access control policy. However, a value in this table does not imply that an instance with the value exists in table vacmAccesTable. |
1
vacmAccessContextPrefix |
OCTETSTR
Legal Lengths: 0 .. 32 SnmpAdminString | NoAccess |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. In order to gain the access rights allowed by this conceptual row, a contextName must match exactly (if the value of vacmAccessContextMatch is 'exact') or partially (if the value of vacmAccessContextMatch is 'prefix') to the value of the instance of this object. |
2
vacmAccessSecurityModel |
INTEGER
Legal values: 0 .. 2147483647 SnmpSecurityModel | NoAccess |
Note: this object is based on the SnmpSecurityModel TEXTUAL-CONVENTION. In order to gain the access rights allowed by this conceptual row, this securityModel must be in use. |
3
vacmAccessSecurityLevel |
INTEGER
SnmpSecurityLevel (ENUM list below) | NoAccess |
Note: this object is based on the SnmpSecurityLevel TEXTUAL-CONVENTION. The minimum level of security required in order to gain the access rights allowed by this conceptual row. A securityLevel of noAuthNoPriv is less than authNoPriv which in turn is less than authPriv. If multiple entries are equally indexed except for this vacmAccessSecurityLevel index, then the entry which has the highest value for vacmAccessSecurityLevel is selected. |
Name | Type | Access | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
4
vacmAccessContextMatch |
INTEGER
| Create |
If the value of this object is exact(1), then all rows where the contextName exactly matches vacmAccessContextPrefix are selected. If the value of this object is prefix(2), then all rows where the contextName whose starting octets exactly match vacmAccessContextPrefix are selected. This allows for a simple form of wildcarding. |
||||||
5
vacmAccessReadViewName |
OCTETSTR
Legal Lengths: 0 .. 32 SnmpAdminString | Create |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. The value of an instance of this object identifies the MIB view of the SNMP context to which this conceptual row authorizes read access. The identified MIB view is that one for which the vacmViewTreeFamilyViewName has the same value as the instance of this object; if the value is the empty string or if there is no active MIB view having this value of vacmViewTreeFamilyViewName, then no access is granted. |
||||||
6
vacmAccessWriteViewName |
OCTETSTR
Legal Lengths: 0 .. 32 SnmpAdminString | Create |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. The value of an instance of this object identifies the MIB view of the SNMP context to which this conceptual row authorizes write access. The identified MIB view is that one for which the vacmViewTreeFamilyViewName has the same value as the instance of this object; if the value is the empty string or if there is no active MIB view having this value of vacmViewTreeFamilyViewName, then no access is granted. |
||||||
7
vacmAccessNotifyViewName |
OCTETSTR
Legal Lengths: 0 .. 32 SnmpAdminString | Create |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. The value of an instance of this object identifies the MIB view of the SNMP context to which this conceptual row authorizes access for notifications. The identified MIB view is that one for which the vacmViewTreeFamilyViewName has the same value as the instance of this object; if the value is the empty string or if there is no active MIB view having this value of vacmViewTreeFamilyViewName, then no access is granted. |
||||||
8
vacmAccessStorageType |
INTEGER
StorageType (ENUM list below) | Create |
Note: this object is based on the StorageType TEXTUAL-CONVENTION. The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. |
||||||
9
vacmAccessStatus |
INTEGER
RowStatus (ENUM list below) | Create |
Note: this object is based on the RowStatus TEXTUAL-CONVENTION. The status of this conceptual row. The RowStatus TC [RFC2579] requires that this DESCRIPTION clause states under which circumstances other objects in this row can be modified: The value of this object has no effect on whether other objects in this conceptual row can be modified. |
Name | Type | Access | Description |
---|---|---|---|
1
vacmViewTreeFamilyViewName |
OCTETSTR
Legal Lengths: 1 .. 32 SnmpAdminString | NoAccess |
Note: this object is based on the SnmpAdminString TEXTUAL-CONVENTION. The human readable name for a family of view subtrees. |
2
vacmViewTreeFamilySubtree | OBJECTID | NoAccess |
The MIB subtree which when combined with the corresponding instance of vacmViewTreeFamilyMask defines a family of view subtrees. |
Name | Type | Access | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
3
vacmViewTreeFamilyMask |
OCTETSTR
Legal Lengths: 0 .. 16 | Create |
The bit mask which, in combination with the corresponding instance of vacmViewTreeFamilySubtree, defines a family of view subtrees. Each bit of this bit mask corresponds to a sub-identifier of vacmViewTreeFamilySubtree, with the most significant bit of the i-th octet of this octet string value (extended if necessary, see below) corresponding to the (8*i - 7)-th sub-identifier, and the least significant bit of the i-th octet of this octet string corresponding to the (8*i)-th sub-identifier, where i is in the range 1 through 16. Each bit of this bit mask specifies whether or not the corresponding sub-identifiers must match when determining if an OBJECT IDENTIFIER is in this family of view subtrees; a '1' indicates that an exact match must occur; a '0' indicates 'wild card', i.e., any sub-identifier value matches. Thus, the OBJECT IDENTIFIER X of an object instance is contained in a family of view subtrees if, for each sub-identifier of the value of vacmViewTreeFamilySubtree, either: the i-th bit of vacmViewTreeFamilyMask is 0, or the i-th sub-identifier of X is equal to the i-th sub-identifier of the value of vacmViewTreeFamilySubtree. If the value of this bit mask is M bits long and there are more than M sub-identifiers in the corresponding instance of vacmViewTreeFamilySubtree, then the bit mask is extended with 1's to be the required length. Note that when the value of this object is the zero-length string, this extension rule results in a mask of all-1's being used (i.e., no 'wild card'), and the family of view subtrees is the one view subtree uniquely identified by the corresponding instance of vacmViewTreeFamilySubtree. Note that masks of length greater than zero length do not need to be supported. In this case this object is made read-only. |
||||||
4
vacmViewTreeFamilyType |
INTEGER
| Create |
Indicates whether the corresponding instances of vacmViewTreeFamilySubtree and vacmViewTreeFamilyMask define a family of view subtrees which is included in or excluded from the MIB view. |
||||||
5
vacmViewTreeFamilyStorageType |
INTEGER
StorageType (ENUM list below) | Create |
Note: this object is based on the StorageType TEXTUAL-CONVENTION. The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. |
||||||
6
vacmViewTreeFamilyStatus |
INTEGER
RowStatus (ENUM list below) | Create |
Note: this object is based on the RowStatus TEXTUAL-CONVENTION. The status of this conceptual row. The RowStatus TC [RFC2579] requires that this DESCRIPTION clause states under which circumstances other objects in this row can be modified: The value of this object has no effect on whether other objects in this conceptual row can be modified. |
SCALAR OBJECTS
TABLE OBJECTS |
These TEXTUAL-CONVENTIONS are used in other parts of the document above. They are SNMP's way of defining a datatype that is used repeatedly by other MIB objects. Any implementation implementing objects that use one of these definitions must follow its DESCRIPTION clause as well as the DESCRIPTION clause of the object itself.
Name | Type | Description | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
SnmpSecurityLevel | INTEGER
| A Level of Security at which SNMP messages can be sent or with which operations are being processed; in particular, one of: noAuthNoPriv - without authentication and without privacy, authNoPriv - with authentication but without privacy, authPriv - with authentication and with privacy. These three values are ordered such that noAuthNoPriv is less than authNoPriv and authNoPriv is less than authPriv. | ||||||||||||||
TestAndIncr | INTEGER | Represents integer-valued information used for atomic operations. When the management protocol is used to specify that an object instance having this syntax is to be modified, the new value supplied via the management protocol must precisely match the value presently held by the instance. If not, the management protocol set operation fails with an error of `inconsistentValue'. Otherwise, if the current value is the maximum value of 2^31-1 (2147483647 decimal), then the value held by the instance is wrapped to zero; otherwise, the value held by the instance is incremented by one. (Note that regardless of whether the management protocol set operation succeeds, the variable- binding in the request and response PDUs are identical.) The value of the ACCESS clause for objects having this syntax is either `read-write' or `read-create'. When an instance of a columnar object having this syntax is created, any value may be supplied via the management protocol. When the network management portion of the system is re- initialized, the value of every object instance having this syntax must either be incremented from its value prior to the re-initialization, or (if the value prior to the re- initialization is unknown) be set to a pseudo-randomly generated value. | ||||||||||||||
StorageType | INTEGER
| Describes the memory realization of a conceptual row. A row which is volatile(2) is lost upon reboot. A row which is either nonVolatile(3), permanent(4) or readOnly(5), is backed up by stable storage. A row which is permanent(4) can be changed but not deleted. A row which is readOnly(5) cannot be changed nor deleted. If the value of an object with this syntax is either permanent(4) or readOnly(5), it cannot be written. Conversely, if the value is either other(1), volatile(2) or nonVolatile(3), it cannot be modified to be permanent(4) or readOnly(5). (All illegal modifications result in a 'wrongValue' error.) Every usage of this textual convention is required to specify the columnar objects which a permanent(4) row must at a minimum allow to be writable. | ||||||||||||||
SnmpSecurityModel | INTEGER | An identifier that uniquely identifies a Security Model of the Security Subsystem within this SNMP Management Architecture. The values for securityModel are allocated as follows: - The zero value does not identify any particular security model. - Values between 1 and 255, inclusive, are reserved for standards-track Security Models and are managed by the Internet Assigned Numbers Authority (IANA). - Values greater than 255 are allocated to enterprise-specific Security Models. An enterprise-specific securityModel value is defined to be: enterpriseID * 256 + security model within enterprise For example, the fourth Security Model defined by the enterprise whose enterpriseID is 1 would be 259. This scheme for allocation of securityModel values allows for a maximum of 255 standards- based Security Models, and for a maximum of 256 Security Models per enterprise. It is believed that the assignment of new securityModel values will be rare in practice because the larger the number of simultaneously utilized Security Models, the larger the chance that interoperability will suffer. Consequently, it is believed that such a range will be sufficient. In the unlikely event that the standards committee finds this number to be insufficient over time, an enterprise number can be allocated to obtain an additional 256 possible values. Note that the most significant bit must be zero; hence, there are 23 bits allocated for various organizations to design and define non-standard securityModels. This limits the ability to define new proprietary implementations of Security Models to the first 8,388,608 enterprises. It is worthwhile to note that, in its encoded form, the securityModel value will normally require only a single byte since, in practice, the leftmost bits will be zero for most messages and sign extension is suppressed by the encoding rules. As of this writing, there are several values of securityModel defined for use with SNMP or reserved for use with supporting MIB objects. They are as follows: 0 reserved for 'any' 1 reserved for SNMPv1 2 reserved for SNMPv2c 3 User-Based Security Model (USM) | ||||||||||||||
RowStatus | INTEGER
| The RowStatus textual convention is used to manage the creation and deletion of conceptual rows, and is used as the value of the SYNTAX clause for the status column of a conceptual row (as described in Section 7.7.1 of [2].) The status column has six defined values: - `active', which indicates that the conceptual row is available for use by the managed device; - `notInService', which indicates that the conceptual row exists in the agent, but is unavailable for use by the managed device (see NOTE below); 'notInService' has no implication regarding the internal consistency of the row, availability of resources, or consistency with the current state of the managed device; - `notReady', which indicates that the conceptual row exists in the agent, but is missing information necessary in order to be available for use by the managed device (i.e., one or more required columns in the conceptual row have not been instanciated); - `createAndGo', which is supplied by a management station wishing to create a new instance of a conceptual row and to have its status automatically set to active, making it available for use by the managed device; - `createAndWait', which is supplied by a management station wishing to create a new instance of a conceptual row (but not make it available for use by the managed device); and, - `destroy', which is supplied by a management station wishing to delete all of the instances associated with an existing conceptual row. Whereas five of the six values (all except `notReady') may be specified in a management protocol set operation, only three values will be returned in response to a management protocol retrieval operation: `notReady', `notInService' or `active'. That is, when queried, an existing conceptual row has only three states: it is either available for use by the managed device (the status column has value `active'); it is not available for use by the managed device, though the agent has sufficient information to attempt to make it so (the status column has value `notInService'); or, it is not available for use by the managed device, and an attempt to make it so would fail because the agent has insufficient information (the state column has value `notReady'). NOTE WELL This textual convention may be used for a MIB table, irrespective of whether the values of that table's conceptual rows are able to be modified while it is active, or whether its conceptual rows must be taken out of service in order to be modified. That is, it is the responsibility of the DESCRIPTION clause of the status column to specify whether the status column must not be `active' in order for the value of some other column of the same conceptual row to be modified. If such a specification is made, affected columns may be changed by an SNMP set PDU if the RowStatus would not be equal to `active' either immediately before or after processing the PDU. In other words, if the PDU also contained a varbind that would change the RowStatus value, the column in question may be changed if the RowStatus was not equal to `active' as the PDU was received, or if the varbind sets the status | ||||||||||||||
SnmpAdminString | OCTETSTR | An octet string containing administrative information, preferably in human-readable form. To facilitate internationalization, this information is represented using the ISO/IEC IS 10646-1 character set, encoded as an octet string using the UTF-8 transformation format described in [RFC2279]. Since additional code points are added by amendments to the 10646 standard from time to time, implementations must be prepared to encounter any code point from 0x00000000 to 0x7fffffff. Byte sequences that do not correspond to the valid UTF-8 encoding of a code point or are outside this range are prohibited. The use of control codes should be avoided. When it is necessary to represent a newline, the control code sequence CR LF should be used. The use of leading or trailing white space should be avoided. For code points not directly supported by user interface hardware or software, an alternative means of entry and display, such as hexadecimal, may be provided. For information encoded in 7-bit US-ASCII, the UTF-8 encoding is identical to the US-ASCII encoding. UTF-8 may require multiple bytes to represent a single character / code point; thus the length of this object in octets may be different from the number of characters encoded. Similarly, size constraints refer to the number of encoded octets, not the number of characters represented by an encoding. Note that when this TC is used for an object that is used or envisioned to be used as an index, then a SIZE restriction MUST be specified so that the number of sub-identifiers for any object instance does not exceed the limit of 128, as defined by [RFC3416]. Note that the size of an SnmpAdminString object is measured in octets, not characters. |
Tree view generated by running: snmptranslate -Tp SNMP-VIEW-BASED-ACM-MIB::snmpVacmMIB
+--snmpVacmMIB(16) | +--vacmMIBObjects(1) | | | +--vacmContextTable(1) | | | | | +--vacmContextEntry(1) | | | Index: vacmContextName | | | | | +-- -R-- String vacmContextName(1) | | Textual Convention: SnmpAdminString | | Size: 0..32 | | | +--vacmSecurityToGroupTable(2) | | | | | +--vacmSecurityToGroupEntry(1) | | | Index: vacmSecurityModel, vacmSecurityName | | | | | +-- ---- INTEGER vacmSecurityModel(1) | | | Textual Convention: SnmpSecurityModel | | | Range: 1..2147483647 | | +-- ---- String vacmSecurityName(2) | | | Textual Convention: SnmpAdminString | | | Size: 1..32 | | +-- CR-- String vacmGroupName(3) | | | Textual Convention: SnmpAdminString | | | Size: 1..32 | | +-- CR-- EnumVal vacmSecurityToGroupStorageType(4) | | | Textual Convention: StorageType | | | Values: other(1), volatile(2), nonVolatile(3), permanent(4), readOnly(5) | | +-- CR-- EnumVal vacmSecurityToGroupStatus(5) | | Textual Convention: RowStatus | | Values: active(1), notInService(2), notReady(3), createAndGo(4), createAndWait(5), destroy(6) | | | +--vacmAccessTable(4) | | | | | +--vacmAccessEntry(1) | | | Index: vacmGroupName, vacmAccessContextPrefix, vacmAccessSecurityModel, vacmAccessSecurityLevel | | | | | +-- ---- String vacmAccessContextPrefix(1) | | | Textual Convention: SnmpAdminString | | | Size: 0..32 | | +-- ---- INTEGER vacmAccessSecurityModel(2) | | | Textual Convention: SnmpSecurityModel | | | Range: 0..2147483647 | | +-- ---- EnumVal vacmAccessSecurityLevel(3) | | | Textual Convention: SnmpSecurityLevel | | | Values: noAuthNoPriv(1), authNoPriv(2), authPriv(3) | | +-- CR-- EnumVal vacmAccessContextMatch(4) | | | Values: exact(1), prefix(2) | | +-- CR-- String vacmAccessReadViewName(5) | | | Textual Convention: SnmpAdminString | | | Size: 0..32 | | +-- CR-- String vacmAccessWriteViewName(6) | | | Textual Convention: SnmpAdminString | | | Size: 0..32 | | +-- CR-- String vacmAccessNotifyViewName(7) | | | Textual Convention: SnmpAdminString | | | Size: 0..32 | | +-- CR-- EnumVal vacmAccessStorageType(8) | | | Textual Convention: StorageType | | | Values: other(1), volatile(2), nonVolatile(3), permanent(4), readOnly(5) | | +-- CR-- EnumVal vacmAccessStatus(9) | | Textual Convention: RowStatus | | Values: active(1), notInService(2), notReady(3), createAndGo(4), createAndWait(5), destroy(6) | | | +--vacmMIBViews(5) | | | +-- -RW- INTEGER vacmViewSpinLock(1) | | Textual Convention: TestAndIncr | | Range: 0..2147483647 | | | +--vacmViewTreeFamilyTable(2) | | | +--vacmViewTreeFamilyEntry(1) | | Index: vacmViewTreeFamilyViewName, vacmViewTreeFamilySubtree | | | +-- ---- String vacmViewTreeFamilyViewName(1) | | Textual Convention: SnmpAdminString | | Size: 1..32 | +-- ---- ObjID vacmViewTreeFamilySubtree(2) | +-- CR-- String vacmViewTreeFamilyMask(3) | | Size: 0..16 | +-- CR-- EnumVal vacmViewTreeFamilyType(4) | | Values: included(1), excluded(2) | +-- CR-- EnumVal vacmViewTreeFamilyStorageType(5) | | Textual Convention: StorageType | | Values: other(1), volatile(2), nonVolatile(3), permanent(4), readOnly(5) | +-- CR-- EnumVal vacmViewTreeFamilyStatus(6) | Textual Convention: RowStatus | Values: active(1), notInService(2), notReady(3), createAndGo(4), createAndWait(5), destroy(6) | +--vacmMIBConformance(2) | +--vacmMIBCompliances(1) | | | +--vacmMIBCompliance(1) | +--vacmMIBGroups(2) | +--vacmBasicGroup(1)
Last modified: Wednesday, 01-Aug-2018 04:41:28 UTC
For questions regarding web content and site functionality, please write to the net-snmp-users mail list.