-- The Policy Capabilities MIB -- This table contains parameters that summarize the capabilities of -- the device pertaining to Policy. -- CAJUN POLICY CAPABILITIES CAJUN-POLICY-CAPABILITIES DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, enterprises, OBJECT-TYPE, Integer32, TimeTicks,IpAddress,NOTIFICATION-TYPE, OBJECT-IDENTITY FROM SNMPv2-SMI DisplayString, DateAndTime FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF; lucent MODULE-IDENTITY LAST-UPDATED "9903090000Z" ORGANIZATION "Lucent CTC" CONTACT-INFO " Bill Fardy Postal: 300 Baker Ave Concord, Mass. 01742-2168 US Tel: +1 978 287 9125 E-mail: bfardy@lucent.com" DESCRIPTION "The MIB module for Lucent Policy Enabled CajunRules Products." ::= { enterprises 1751 } --lucent mibs OBJECT IDENTIFIER ::= {lucent 2} -- CajunRules top level MIB placeholder is 42 -- no product ID is required cajunRulesMIB OBJECT IDENTIFIER ::= { mibs 42} policyCapabilityMIB OBJECT IDENTIFIER ::= { cajunRulesMIB 1 } lucentDevicePolicyCapabilities OBJECT IDENTIFIER ::= { policyCapabilityMIB 1 } lucentDevicePolicyLDAPObjects OBJECT IDENTIFIER ::= { policyCapabilityMIB 2 } -- conformance information lucentDevicePolicyCapabilityMIBConformance OBJECT IDENTIFIER ::= { policyCapabilityMIB 11 } lucentDevicePolicyCapabilityMIBCompliances OBJECT IDENTIFIER ::= { policyCapabilityMIB 12 } lucentDevicePolicyMIBGroups OBJECT IDENTIFIER ::= { policyCapabilityMIB 13 } -- V2 notifications lucentPolicyCapabilityEvents OBJECT IDENTIFIER ::= { policyCapabilityMIB 21 } -- Policy Capability Group lucentDevicePolicyCapabilityTable OBJECT-TYPE SYNTAX SEQUENCE OF LucentDevicePolicyCapabilityEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is used to advertise the Policy Capabilities of the Device." ::= { lucentDevicePolicyCapabilities 1 } lucentDevicePolicyCapabilityEntry OBJECT-TYPE SYNTAX LucentDevicePolicyCapabilityEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information Describing a single Policy Capability of this device." INDEX { lucentDevicePolicyCapabilityIndex } ::= { lucentDevicePolicyCapabilityTable 1 } LucentDevicePolicyCapabilityEntry ::= SEQUENCE { lucentDevicePolicyCapabilityIndex Integer32, lucentDevicePolicyCapabilityType INTEGER, lucentDevicePolicyCapabilityDescription DisplayString, lucentDevicePolicyCapabilityInformation OCTET STRING (SIZE(0..64)), lucentDevicePolicyCapabilityState INTEGER } lucentDevicePolicyCapabilityIndex OBJECT-TYPE SYNTAX Integer32 (1..128) MAX-ACCESS read-only STATUS current DESCRIPTION "A unique index for this entry with no semanitics aside from its uniqueness." ::= { lucentDevicePolicyCapabilityEntry 1 } lucentDevicePolicyCapabilityType OBJECT-TYPE SYNTAX INTEGER { ldap(1), cops(2), diameter(3), snmp(4), radius(5), cli(6), other(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "An enumeration describing a type of Policy attribute supported by this device. This Policy attribute's semantics is intended to make sense within the context of the CajunRules application. At this time, a value of 'ldap' indicates that the device is retrieving policy information from an LDAP server. This implies that the device also implements the LDAP Group defined in this MIB. At this time the other enumerations are informational only and are intended for future enhancements. It should be noted that 'snmp' indicates that the policies themselves are being set by SNMP. The implementation of the producer/consumer handshake defined in this MIB in the LDAP group does NOT require the lucentDevicePolicyCapabilityType to be set to 'snmp'. The value 'cli' is intended for a proprietary implementation of cli functionality implemented over some proprietary port. This value does NOT refer to the device's implementation of a local command line interface or a command line interface supported over a telnet interface." ::= { lucentDevicePolicyCapabilityEntry 2 } lucentDevicePolicyCapabilityDescription OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "An Infomational string that should be able to be displayed as an identifier for a user. A recommended format would be the type followed by version information if applicable and anything else deemed useful." ::= { lucentDevicePolicyCapabilityEntry 3 } lucentDevicePolicyCapabilityInformation OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..64)) MAX-ACCESS read-only STATUS current DESCRIPTION "An opaque string to allow for future capabilities." ::= { lucentDevicePolicyCapabilityEntry 4 } lucentDevicePolicyCapabilityState OBJECT-TYPE SYNTAX INTEGER { active(1), inactive(2), other(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The state of this Policy Capability. An inactive state implies that the device has the capacity but is not using it currently." ::= { lucentDevicePolicyCapabilityEntry 5 } lucentDevicePolicyTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The base time that the device would like policies to be based upon. This field is primarily intended to allow the device to advertise its time zone. If this time zone is not present, or if this object is not implemented, the client device willuse it local time zone. Syncronization of time information other than the time zone is best-effort." ::= { lucentDevicePolicyCapabilities 2} lucentDevicePolicyCapabilityGroup OBJECT-GROUP OBJECTS { lucentDevicePolicyCapabilityIndex, lucentDevicePolicyCapabilityType, lucentDevicePolicyCapabilityDescription, lucentDevicePolicyCapabilityInformation, lucentDevicePolicyCapabilityState, lucentDevicePolicyTime } STATUS current DESCRIPTION "A group defining the minimum implementation of a device instrumenting the Device Policy Capabilities MIB." ::= { lucentDevicePolicyMIBGroups 1 } -- LDAP Group, need only be implemented by devices implementing an -- LDAP client lucentDevicePolicyLDAPServerIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "The IP address of the LDAP enabled server this device retreives policy information from. By convention, setting this value to 0 disables the directory enabled capablity of this device with respect to policy. If the devices's directory enabled capability with respect to policy is disabled locally, this object will be clearedd." ::= { lucentDevicePolicyLDAPObjects 1 } lucentDevicePolicyLDAPServerPort OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "The well-known port over which this device is using LDAP. It is assumed that ports other than 389 might be utilized." ::= { lucentDevicePolicyLDAPObjects 2 } lucentDevicePolicySecondaryLDAPServerIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "The backup LDAP server IP Address." ::= { lucentDevicePolicyLDAPObjects 3 } lucentDevicePolicySecondaryLDAPServerPort OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "The backup LDAP port." ::= { lucentDevicePolicyLDAPObjects 4 } -- the following two objects are implemented so that they can be -- returned as objects the lucentBadLDAPObject NOTIFICATION lucentDevicePolicyBadLDAPObject OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The last LDAP Object that was unable to be processed, thereby causing the sending of a lucentBadLDAPObject Notification. If this condition has never ocurred since agent initialization, or if the device cannot 'remember', it would be NULL. The primary purpose of this object is to be included in the lucentBadLDAPObject Notification." ::= { lucentDevicePolicyLDAPObjects 5 } lucentDevicePolicyBadLDAPDescription OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "A Descriptive string intended to provide optional detail accompanying a lucentDadLDAPObject Notification. A likely use of this string would be for the receiver of this variable in a trap to display the string in an error log. If this condition has never ocurred since agent initialization, or if the device cannot 'remember',it would be NULL. The primary purpose of this object is to be included in the lucentBadLDAPObject Notification." ::= { lucentDevicePolicyLDAPObjects 6 } lucentDevicePolicyCapabilityLastChange OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-only STATUS current DESCRIPTION "The sysUpTime in the device that this Policy Capability was last modified. Providing this allows a remote manager to detect a change in the Policy Capabilities by polling a single object. On seeing this value change an interested manager should relearn this device's Policy Capabilities." ::= { lucentDevicePolicyLDAPObjects 7 } lucentDevicePolicyCapabilityProducerSignal OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "The sequence number assocated with the latest policy written for this device at the directory 'pointed to' by lucentDevicePolicyLDAPServerIP. This sequence number is part of the Directory's Policy schema. This object is designed for writing to by a CajunRules like manager when it has placed a new policy for retrieval and can be interpreted by the device as a signal to retrieve this policy. By convention, this device would never be written to by the agent with the exception of it being cleared at system initializaton time. In tandem with the lucentDevicePolicyCapabilityConsumerSignal it should describe the current state of the device with respect to its LDAP Policy retrieval behavior." ::= { lucentDevicePolicyLDAPObjects 8 } lucentDevicePolicyCapabilityConsumerSignal OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The sequence number of the last Policy retrieved from the directory 'pointed to' by lucentDevicePolicyLDAPServerIP. This sequence number is part of the Directory Policy schema. This object is initialized at zero on agent reset, and thereafter only written by the Policy Agent on successful retrieval and parsing of a Policy Schema from the directory. In tandem with the lucentDevicePolicyCapabilityConsumerSignal it should describe the current state of the device with respect to its LDAP Policy retrieval behavior. By convention, the agent may set this value to 0xffff to indicate an error serious enough to prohibit its enforcing a retrieved policy." ::= { lucentDevicePolicyLDAPObjects 9 } lucentDevicePolicyLDAPSearchBase OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "The search base string to be used by the LDAP client." ::= { lucentDevicePolicyLDAPObjects 10 } lucentDevicePolicyCapabilityLDAPGroup OBJECT-GROUP OBJECTS { lucentDevicePolicyLDAPServerIP, lucentDevicePolicyLDAPServerPort, lucentDevicePolicySecondaryLDAPServerIP, lucentDevicePolicySecondaryLDAPServerPort, lucentDevicePolicyBadLDAPObject, lucentDevicePolicyBadLDAPDescription, lucentDevicePolicyCapabilityLastChange, lucentDevicePolicyCapabilityProducerSignal, lucentDevicePolicyCapabilityConsumerSignal, lucentDevicePolicyLDAPSearchBase } STATUS current DESCRIPTION "A group of the Device Policy Capabilities MIB that defines LDAP specific objects. This group is intended to be implemented by any device that implements an LDAP client to retrieve policy information." ::={ lucentDevicePolicyMIBGroups 2 } lucentPolicyCapabilityEventsV2 OBJECT-IDENTITY STATUS current DESCRIPTION "The events related to Policy Capabilities." ::={lucentPolicyCapabilityEvents 1 } lucentBadLDAPObject NOTIFICATION-TYPE OBJECTS { lucentDevicePolicyLDAPServerIP, lucentDevicePolicyLDAPServerPort, lucentDevicePolicyBadLDAPObject, lucentDevicePolicyBadLDAPDescription } STATUS current DESCRIPTION "A lucentBadLDAPObject trap indicates that the sender has retrieved an LDAP object that it could not process. More details can be copied to lucentDevicePolicyBadLDAPDescription DisplayString." ::={lucentPolicyCapabilityEventsV2 1} lucentDevicePolicyCapabilityBasicCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The basic implementation requirements of a policy enabled device." MODULE --This Module -- The lucentDevicePolicyCapabilityLDAPGroup is not required MANDATORY-GROUPS { lucentDevicePolicyCapabilityGroup } ::= {lucentDevicePolicyCapabilityMIBCompliances 1} END