No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

MIB Reference

S12700 V200R010C00

This document provides the function overview, relationships between tables, description of single objects, description of MIB tables, and description of alarm objects.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
vacmAccessTable

vacmAccessTable

The table of access rights for groups.

Each entry is indexed by groupName, contextPrefix, securityModel, and securityLevel. To determine whether access is allowed, one entry from this table needs to be selected and the proper viewName from that entry must be used for access control checking.

To select the proper entry, follow these steps:

  1. The set of possible matches is formed by the intersection of the following sets of entries:

    • Set of entries with identical vacmGroupNames

    • Set of entries with identical vacmAccessContextPrefixes

    • Set of entries with vacmAccessContextMatch value of "prefix" and matching vacmAccessContextPrefix intersected with the union of these two sets

    • Set of entries with identical vacmSecurityModels

    • Set of entries with vacmSecurityModel value of "any" intersected with the set of entries with vacmAccessSecurityLevel value less than or equal to the requested securityLevel

  2. If the set contains more than one member, identify the priorities of ContextPrefixes, SecurityModels, and SecurityLevels based on the following rules:

    • If the subset of entries with securityModel matching the securityModel in the message is not empty, discard the rest.

    • If the subset of entries with vacmAccessContextPrefix matching the contextName in the message is not empty, discard the rest.

    • Discard all entries with ContextPrefixes shorter than the longest one remaining in the set.

    • Select the entry with the highest securityLevel. Please note that for securityLevel noAuthNoPriv, all groups are really equivalent since the assumption that the securityName has been authenticated does not hold.

Indexes of the table are as follows:

  • vacmGroupName

  • vacmAccessContextPrefix

  • vacmAccessSecurityModel

  • vacmAccessSecurityLevel

OID

Object Name

Syntax

Max Access

Description

Implemented Specifications

1.3.6.1.6.3.16.1.4.1.1

vacmAccessContextPrefix

SnmpAdminString (SIZE(0..32))

Not-accessible

In order to gain the access rights allowed by this conceptual row, a contextName must match exactly (if the value of vacmAccessContextMatch is "exact") or partially (if the value of vacmAccessContextMatch is "prefix") to the value of the instance of this object.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.6.3.16.1.4.1.2

vacmAccessSecurityModel

SnmpSecurityModel

Not-accessible

In order to gain the access rights allowed by this conceptual row, this securityModel must be in use.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.6.3.16.1.4.1.3

vacmAccessSecurityLevel

SnmpSecurityLevel

Not-accessible

The minimum level of security required in order to gain the access rights allowed by this conceptual row. A securityLevel of noAuthNoPriv is less than authNoPriv which in turn is less than authPriv.

If multiple entries are equally indexed except for this vacmAccessSecurityLevel index, then the entry which has the highest value for vacmAccessSecurityLevel is selected.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.6.3.16.1.4.1.4

vacmAccessContextMatch

INTEGER

{

exact (1),

prefix (2)

}

Read-create

If the value of this object is exact(1), then all rows where the contextName exactly matches vacmAccessContextPrefix are selected.

If the value of this object is prefix(2), then all rows where the contextName whose starting octets exactly match vacmAccessContextPrefix are selected. This allows for a simple form of wildcarding.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.6.3.16.1.4.1.5

vacmAccessReadViewName

SnmpAdminString (SIZE(0..32))

Read-create

The value of an instance of this object identifies the MIB view of the SNMP context to which this conceptual row authorizes read access.

The identified MIB view is that one for which the vacmViewTreeFamilyViewName has the same value as the instance of this object; if the value is the empty string or if there is no active MIB view having this value of vacmViewTreeFamilyViewName, then no access is granted.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.6.3.16.1.4.1.6

vacmAccessWriteViewName

SnmpAdminString (SIZE(0..32))

Read-create

The value of an instance of this object identifies the MIB view of the SNMP context to which this conceptual row authorizes write access.

The identified MIB view is that one for which the vacmViewTreeFamilyViewName has the same value as the instance of this object; if the value is the empty string or if there is no active MIB view having this value of vacmViewTreeFamilyViewName, then no access is granted.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.6.3.16.1.4.1.7

vacmAccessNotifyViewName

SnmpAdminString (SIZE(0..32))

Read-create

The value of an instance of this object identifies the MIB view of the SNMP context to which this conceptual row authorizes access for notifications.

The identified MIB view is that one for which the vacmViewTreeFamilyViewName has the same value as the instance of this object; if the value is the empty string or if there is no active MIB view having this value of vacmViewTreeFamilyViewName, then no access is granted.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.6.3.16.1.4.1.8

vacmAccessStorageType

StorageType

Read-create

This object indicates the storage type for this conceptual row. Conceptual rows having the value "permanent" need not allow write-access to any columnar objects in the row

.The default value is { nonVolatile }.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.6.3.16.1.4.1.9

vacmAccessStatus

RowStatus

Read-create

This object indicates the status of this conceptual row.

The RowStatus TC [RFC2579] requires that this DESCRIPTION clause states under which circumstances other objects in this row can be modified. The value of this object has no effect on whether other objects in this conceptual row can be modified.

This object is implemented as defined in the corresponding MIB files.

Creation Restriction

No SNMPv1 or SNMPv2 community name can be created in this table.

Modification Restriction

The SNMPv1 or SNMPv2 community name in this table cannot be modified.

Deletion Restriction

The SNMPv1 or SNMPv2 community name in this table cannot be deleted.

Access Restriction

The SNMPv1 or SNMPv2 community name in this table cannot be read. The SNMPv3 security group must be configured.

Translation
Download
Updated: 2019-04-20

Document ID: EDOC1000142096

Views: 128075

Downloads: 75

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next