-- ***********************************************************************************************
-- DEV-SYS-USER-MIB.my:  Transition Networks Enterprise MIB for system user  
-- management feature.
--
-- Author : Sean Liu, Tony Lei
--
-- Copyright (c) 2011 by Transition Networks, Inc.
-- All rights reserved.
--                     
-- Reproduction of this document is authorized on condition that
-- this copyright notice is included.  This Transition Networks, Inc.
-- SNMP Management Information Base Specification embodies confidential and 
-- proprietary intellectual property.
-- T.N.I. retains all title and ownership in the Specification, including any revisions.
-- 
-- It is T.N.I.'s intent to encourage the widespread use of this
-- specification in connection with the management of Transition
-- Networks, Inc.'s products.  T.N.I. grants vendor, end-users,
-- and other interested parties a non-exclusive license to use this
-- specification in connection with the management of Transition
-- Networks, Inc.'s products.
-- 
-- This Specification is supplied "AS IS," and T.N.I. makes
-- no warranty, either express or implied, as to the use,
-- operation, condition, or performance of the this Specification.
-- 
-- T.N.I. retains the right to change this without notification.

-- ***********************************************************************************************

TN-DEV-SYS-USER-MIB DEFINITIONS ::= BEGIN

IMPORTS
    DisplayString, RowStatus FROM SNMPv2-TC
	tnDevMgmt FROM TN-MGMT-MIB;

tnDevSysUser        OBJECT IDENTIFIER ::= { tnDevMgmt 19 }

tnDevSysUserTable OBJECT-TYPE
    SYNTAX SEQUENCE OF TnDevSysUserEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table is used to maintain the system login users."
    ::= { tnDevSysUser 1 }

tnDevSysUserEntry OBJECT-TYPE
    SYNTAX TnDevSysUserEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Entries in this table correspond to the system login users."
    INDEX { tnDevSysUserIndex }
    ::= { tnDevSysUserTable 1 }

TnDevSysUserEntry ::=
    SEQUENCE {
         tnDevSysUserIndex        Integer32,
         tnDevSysUserName         DisplayString,
         tnDevSysUserPassword     DisplayString,
         tnDevSysUserLevel        INTEGER,
         tnDevSysUserStatus       RowStatus
    }

tnDevSysUserIndex OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Index of this table."
    ::= { tnDevSysUserEntry 1 }

tnDevSysUserName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (1..64))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The name of the user. The user name is starting with alphanumeric."
    ::= { tnDevSysUserEntry 2 }

tnDevSysUserPassword OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (0..64))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The password of the user. zero length input will set the user enrty
         without password. The password is starting with alphanumeric. When do
         getting to this variable, always eight '*' is returned."
   ::= { tnDevSysUserEntry 3 }


tnDevSysUserLevel OBJECT-TYPE
    SYNTAX      INTEGER(1..15)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION "The level of the user. The value of:
                 admin(1): this user can read and write though WEB/CLI, also can add, delete other users.
                 read-write(2): this user can read and write though WEB/CLI.
                 read-only(3): this user can read though WEB/CLI, but can't write."
   ::= { tnDevSysUserEntry 4 }

tnDevSysUserStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "This variable is used to dynamically create or delete an entry for this table."
    ::= { tnDevSysUserEntry 20 }         
    
-- Log in method    
tnDevSysMethodTable OBJECT-TYPE
    SYNTAX SEQUENCE OF TnDevSysMethodEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table is used to maintain the system login Methods."
    ::= { tnDevSysUser 3 }

tnDevSysMethodEntry OBJECT-TYPE
    SYNTAX TnDevSysMethodEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Entries in this table correspond to the system login users."
    INDEX { tnDevSysClientIndex }
    ::= { tnDevSysMethodTable 1 }

TnDevSysMethodEntry ::=
    SEQUENCE {
         tnDevSysClientIndex      Integer32,
         tnDevSysMethodName       DisplayString,
         tnDevSysLoginMethod      INTEGER
    }

tnDevSysClientIndex OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Index of this table."
    ::= { tnDevSysMethodEntry 1 }

tnDevSysMethodName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (1..64))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The name of the Clients."
    ::= { tnDevSysMethodEntry 2 }

tnDevSysLoginMethod OBJECT-TYPE
    SYNTAX      INTEGER{
                   none         (0),
                   localLogin   (1),
                   radius       (2),
                   radiusLocal  (3),
                   tacplus      (4),
                   tacplusLocal (5)
                } 
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "It is the methods about clients login in. The value of
 	     None(0) indicating does not support login, 
 	     localLogin(1) indicating supports local,
 	     radius(2) indicating supports radius, 
 	     radiusLocal(3) supports radius and local,
 	     tacplus(4) supports tacplus,
 	     tacplusLocal(5) supports tacplus and local, 
        "
    ::= { tnDevSysMethodEntry 3 }
 
-- Level     
tnDevSysPrivilegeLevelTable OBJECT-TYPE
    SYNTAX SEQUENCE OF TnDevSysPrivilegeLevelEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table is used to maintain the system Privilege level."
    ::= { tnDevSysUser 4 }

tnDevSysPrivilegeLevelEntry OBJECT-TYPE
    SYNTAX TnDevSysPrivilegeLevelEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Entries in this table correspond to the system login users."
    INDEX { tnDevSysPrivilegeLevelIndex }
    ::= { tnDevSysPrivilegeLevelTable 1 }

TnDevSysPrivilegeLevelEntry ::=
    SEQUENCE {
         tnDevSysPrivilegeLevelIndex      Integer32,
         tnDevSysPrivilegeLevelName       DisplayString,
         tnDevSysConfigReadLevel          INTEGER,
         tnDevSysConfigWriteLevel         INTEGER,
         tnDevSysStatusReadLevel          INTEGER,
         tnDevSysStatusWriteLevel         INTEGER
    }

tnDevSysPrivilegeLevelIndex OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Index of this table."
    ::= { tnDevSysPrivilegeLevelEntry 1 }

tnDevSysPrivilegeLevelName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (1..64))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The name of the Clients."
    ::= { tnDevSysPrivilegeLevelEntry 2 }

tnDevSysConfigReadLevel OBJECT-TYPE
    SYNTAX      INTEGER(1..15)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Every group has an authorization Privilege level for 
         the following sub groups: configuration read-only, 
         configuration/execute read-write, status/statistics read-only,
         status/statistics read-write (e.g. for clearing of statistics). 
         User Privilege should be same or greater than the authorization 
         Privilege level to have the access to that group. 
        "
    ::= { tnDevSysPrivilegeLevelEntry 3 }

tnDevSysConfigWriteLevel OBJECT-TYPE
    SYNTAX      INTEGER(1..15)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Every group has an authorization Privilege level for 
         the following sub groups: configuration read-only, 
         configuration/execute read-write, status/statistics read-only,
         status/statistics read-write (e.g. for clearing of statistics). 
         User Privilege should be same or greater than the authorization 
         Privilege level to have the access to that group. 
        "
    ::= { tnDevSysPrivilegeLevelEntry 4 }     

tnDevSysStatusReadLevel OBJECT-TYPE
    SYNTAX      INTEGER(1..15)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Every group has an authorization Privilege level for 
         the following sub groups: configuration read-only, 
         configuration/execute read-write, status/statistics read-only,
         status/statistics read-write (e.g. for clearing of statistics). 
         User Privilege should be same or greater than the authorization 
         Privilege level to have the access to that group. 
        "
    ::= { tnDevSysPrivilegeLevelEntry 5 }     

tnDevSysStatusWriteLevel OBJECT-TYPE
    SYNTAX      INTEGER(1..15)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Every group has an authorization Privilege level for 
         the following sub groups: configuration read-only, 
         configuration/execute read-write, status/statistics read-only,
         status/statistics read-write (e.g. for clearing of statistics). 
         User Privilege should be same or greater than the authorization 
         Privilege level to have the access to that group. 
        "
    ::= { tnDevSysPrivilegeLevelEntry 6 }  

    
-- tnDevSysCommandTable  
tnDevSysCommandTable OBJECT-TYPE
    SYNTAX SEQUENCE OF TnDevSysCommandEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table is used to maintain the system login Methods."
    ::= { tnDevSysUser 5 }

tnDevSysCommandEntry OBJECT-TYPE
    SYNTAX TnDevSysCommandEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Entries in this table correspond to the system login users."
    INDEX { tnDevSysClientIndex }
    ::= { tnDevSysCommandTable 1 }

TnDevSysCommandEntry ::=
    SEQUENCE {
         tnDevSysCmdClientIndex      Integer32,
         tnDevSysCmdMethodName       DisplayString,
         tnDevSysCmdLoginMethod      INTEGER,
         tnDevSysCmdLevel      	     INTEGER,
         tnDevSysCfgCmd              INTEGER
    }

tnDevSysCmdClientIndex OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Index of this table."
    ::= { tnDevSysCommandEntry 1 }

tnDevSysCmdMethodName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (1..64))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The name of the Clients."
    ::= { tnDevSysCommandEntry 2 }

tnDevSysCmdLoginMethod OBJECT-TYPE
    SYNTAX      INTEGER{
                   none         (0),
                   tacacs       (3)                } 
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "It is the methods about clients login in. The value of
 	     None(0) indicating does not support login, 
 	     tacacs(3) supports tacplus. 
        "
    ::= { tnDevSysCommandEntry 3 }
    
tnDevSysCmdLevel OBJECT-TYPE
    SYNTAX      INTEGER(0..15)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Authorize all commands with a privilege level higher 
         than or equal to this level.Valid values are in the 
         range 0 to 15. 
         "
    ::= { tnDevSysCommandEntry 4 }
    
tnDevSysCfgCmd OBJECT-TYPE
    SYNTAX      INTEGER{
                   false         (0),
                   true          (1)                } 
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Also authorize configuration commands."
    ::= { tnDevSysCommandEntry 5 }
    
    
 -- tnDevSysAccountingTable  
tnDevSysAccountingTable OBJECT-TYPE
    SYNTAX SEQUENCE OF TnDevSysAccountingEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table is used to maintain the system login Methods."
    ::= { tnDevSysUser 6 }

tnDevSysAccountingEntry OBJECT-TYPE
    SYNTAX TnDevSysAccountingEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Entries in this table correspond to the system login users."
    INDEX { tnDevSysAccClientIndex }
    ::= { tnDevSysAccountingTable 1 }

TnDevSysAccountingEntry ::=
    SEQUENCE {
         tnDevSysAccClientIndex      Integer32,
         tnDevSysAccMethodName       DisplayString,
         tnDevSysAccLoginMethod      INTEGER,
         tnDevSysAccCmdLevel    	 INTEGER,
         tnDevSysAccExec             INTEGER
    }

tnDevSysAccClientIndex OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Index of this table."
    ::= { tnDevSysAccountingEntry 1 }

tnDevSysAccMethodName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (1..64))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The name of the Clients."
    ::= { tnDevSysAccountingEntry 2 }   
    
tnDevSysAccLoginMethod OBJECT-TYPE
    SYNTAX      INTEGER{
                   none         (0),
                   tacacs       (3)                } 
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "It is the methods about clients login in. The value of
 	     None(0)  Accounting is disabled, 
 	     tacacs(3) Use remote TACACS+ server(s) for accounting. 
        "
    ::= { tnDevSysAccountingEntry 3 }
    

tnDevSysAccCmdLevel OBJECT-TYPE
    SYNTAX      INTEGER(0..15) 
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        " Enable accounting of all commands with a privilege level 
          higher than or equal to this level.Valid values are in 
          the range 0 to 15. Leave the field empty to disable command 
          accounting. 
        "
    ::= { tnDevSysAccountingEntry 4 }
    
   
tnDevSysAccExec OBJECT-TYPE
    SYNTAX      INTEGER{
                   false         (0),
                   true          (1)                } 
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Enable exec (login) accounting."
    ::= { tnDevSysAccountingEntry 5 }
     
END