1 SNMP-VIEW-BASED-ACM-MIB DEFINITIONS ::= BEGIN
4 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
5 MODULE-IDENTITY, OBJECT-TYPE,
6 snmpModules FROM SNMPv2-SMI
8 RowStatus, StorageType FROM SNMPv2-TC
11 SnmpSecurityModel FROM SNMP-FRAMEWORK-MIB;
13 snmpVacmMIB MODULE-IDENTITY
14 LAST-UPDATED "200210160000Z" -- 16 Oct 2002, midnight
15 ORGANIZATION "SNMPv3 Working Group"
16 CONTACT-INFO "WG-email: snmpv3@lists.tislabs.com
17 Subscribe: majordomo@lists.tislabs.com
18 In message body: subscribe snmpv3
21 Network Associates Laboratories
22 postal: 15204 Omega Drive, Suite 300
23 Rockville, MD 20850-4601
25 email: mundy@tislabs.com
26 phone: +1 301-947-7107
28 Co-Chair: David Harrington
30 Postal: 35 Industrial Way
32 Rochester, New Hampshire 03866-5005
34 EMail: dbh@enterasys.com
35 Phone: +1 603-337-2614
37 Co-editor: Bert Wijnen
42 email: bwijnen@lucent.com
43 phone: +31-348-480-685
45 Co-editor: Randy Presuhn
50 postal: 2141 North First Street
53 email: randy_presuhn@bmc.com
54 phone: +1 408-546-1006
56 Co-editor: Keith McCloghrie
58 postal: 170 West Tasman Drive
59 San Jose, CA 95134-1706
62 phone: +1-408-526-5260
64 DESCRIPTION "The management information definitions for the
65 View-based Access Control Model for SNMP.
67 Copyright (C) The Internet Society (2002). This
68 version of this MIB module is part of RFC 3415;
69 see the RFC itself for full legal notices.
73 REVISION "200210160000Z" -- 16 Oct 2002, midnight
74 DESCRIPTION "Clarifications, published as RFC3415"
76 REVISION "199901200000Z" -- 20 Jan 1999, midnight
77 DESCRIPTION "Clarifications, published as RFC2575"
79 REVISION "199711200000Z" -- 20 Nov 1997, midnight
80 DESCRIPTION "Initial version, published as RFC2275"
82 ::= { snmpModules 16 }
84 -- Administrative assignments ****************************************
86 vacmMIBObjects OBJECT IDENTIFIER ::= { snmpVacmMIB 1 }
87 vacmMIBConformance OBJECT IDENTIFIER ::= { snmpVacmMIB 2 }
89 -- Information about Local Contexts **********************************
91 vacmContextTable OBJECT-TYPE
92 SYNTAX SEQUENCE OF VacmContextEntry
93 MAX-ACCESS not-accessible
95 DESCRIPTION "The table of locally available contexts.
97 This table provides information to SNMP Command
101 Generator applications so that they can properly
102 configure the vacmAccessTable to control access to
103 all contexts at the SNMP entity.
105 This table may change dynamically if the SNMP entity
106 allows that contexts are added/deleted dynamically
107 (for instance when its configuration changes). Such
108 changes would happen only if the management
109 instrumentation at that SNMP entity recognizes more
112 The presence of entries in this table and of entries
113 in the vacmAccessTable are independent. That is, a
114 context identified by an entry in this table is not
115 necessarily referenced by any entries in the
116 vacmAccessTable; and the context(s) referenced by an
117 entry in the vacmAccessTable does not necessarily
118 currently exist and thus need not be identified by an
121 This table must be made accessible via the default
122 context so that Command Responder applications have
123 a standard way of retrieving the information.
125 This table is read-only. It cannot be configured via
128 ::= { vacmMIBObjects 1 }
130 vacmContextEntry OBJECT-TYPE
131 SYNTAX VacmContextEntry
132 MAX-ACCESS not-accessible
134 DESCRIPTION "Information about a particular context."
138 ::= { vacmContextTable 1 }
140 VacmContextEntry ::= SEQUENCE
142 vacmContextName SnmpAdminString
145 vacmContextName OBJECT-TYPE
146 SYNTAX SnmpAdminString (SIZE(0..32))
152 DESCRIPTION "A human readable name identifying a particular
153 context at a particular SNMP entity.
155 The empty contextName (zero length) represents the
158 ::= { vacmContextEntry 1 }
160 -- Information about Groups ******************************************
162 vacmSecurityToGroupTable OBJECT-TYPE
163 SYNTAX SEQUENCE OF VacmSecurityToGroupEntry
164 MAX-ACCESS not-accessible
166 DESCRIPTION "This table maps a combination of securityModel and
167 securityName into a groupName which is used to define
168 an access control policy for a group of principals.
170 ::= { vacmMIBObjects 2 }
172 vacmSecurityToGroupEntry OBJECT-TYPE
173 SYNTAX VacmSecurityToGroupEntry
174 MAX-ACCESS not-accessible
176 DESCRIPTION "An entry in this table maps the combination of a
177 securityModel and securityName into a groupName.
183 ::= { vacmSecurityToGroupTable 1 }
185 VacmSecurityToGroupEntry ::= SEQUENCE
187 vacmSecurityModel SnmpSecurityModel,
188 vacmSecurityName SnmpAdminString,
189 vacmGroupName SnmpAdminString,
190 vacmSecurityToGroupStorageType StorageType,
191 vacmSecurityToGroupStatus RowStatus
194 vacmSecurityModel OBJECT-TYPE
195 SYNTAX SnmpSecurityModel(1..2147483647)
196 MAX-ACCESS not-accessible
198 DESCRIPTION "The Security Model, by which the vacmSecurityName
199 referenced by this entry is provided.
203 Note, this object may not take the 'any' (0) value.
205 ::= { vacmSecurityToGroupEntry 1 }
207 vacmSecurityName OBJECT-TYPE
208 SYNTAX SnmpAdminString (SIZE(1..32))
209 MAX-ACCESS not-accessible
211 DESCRIPTION "The securityName for the principal, represented in a
212 Security Model independent format, which is mapped by
213 this entry to a groupName.
215 ::= { vacmSecurityToGroupEntry 2 }
217 vacmGroupName OBJECT-TYPE
218 SYNTAX SnmpAdminString (SIZE(1..32))
219 MAX-ACCESS read-create
221 DESCRIPTION "The name of the group to which this entry (e.g., the
222 combination of securityModel and securityName)
225 This groupName is used as index into the
226 vacmAccessTable to select an access control policy.
227 However, a value in this table does not imply that an
228 instance with the value exists in table vacmAccesTable.
230 ::= { vacmSecurityToGroupEntry 3 }
232 vacmSecurityToGroupStorageType OBJECT-TYPE
234 MAX-ACCESS read-create
236 DESCRIPTION "The storage type for this conceptual row.
237 Conceptual rows having the value 'permanent' need not
238 allow write-access to any columnar objects in the row.
240 DEFVAL { nonVolatile }
241 ::= { vacmSecurityToGroupEntry 4 }
243 vacmSecurityToGroupStatus OBJECT-TYPE
245 MAX-ACCESS read-create
247 DESCRIPTION "The status of this conceptual row.
249 Until instances of all corresponding columns are
250 appropriately configured, the value of the
254 corresponding instance of the vacmSecurityToGroupStatus
255 column is 'notReady'.
257 In particular, a newly created row cannot be made
258 active until a value has been set for vacmGroupName.
260 The RowStatus TC [RFC2579] requires that this
261 DESCRIPTION clause states under which circumstances
262 other objects in this row can be modified:
264 The value of this object has no effect on whether
265 other objects in this conceptual row can be modified.
267 ::= { vacmSecurityToGroupEntry 5 }
269 -- Information about Access Rights ***********************************
271 vacmAccessTable OBJECT-TYPE
272 SYNTAX SEQUENCE OF VacmAccessEntry
273 MAX-ACCESS not-accessible
275 DESCRIPTION "The table of access rights for groups.
277 Each entry is indexed by a groupName, a contextPrefix,
278 a securityModel and a securityLevel. To determine
279 whether access is allowed, one entry from this table
280 needs to be selected and the proper viewName from that
281 entry must be used for access control checking.
283 To select the proper entry, follow these steps:
285 1) the set of possible matches is formed by the
286 intersection of the following sets of entries:
288 the set of entries with identical vacmGroupName
289 the union of these two sets:
290 - the set with identical vacmAccessContextPrefix
291 - the set of entries with vacmAccessContextMatch
292 value of 'prefix' and matching
293 vacmAccessContextPrefix
294 intersected with the union of these two sets:
295 - the set of entries with identical
297 - the set of entries with vacmSecurityModel
299 intersected with the set of entries with
300 vacmAccessSecurityLevel value less than or equal
301 to the requested securityLevel
305 2) if this set has only one member, we're done
306 otherwise, it comes down to deciding how to weight
307 the preferences between ContextPrefixes,
308 SecurityModels, and SecurityLevels as follows:
309 a) if the subset of entries with securityModel
310 matching the securityModel in the message is
311 not empty, then discard the rest.
312 b) if the subset of entries with
313 vacmAccessContextPrefix matching the contextName
314 in the message is not empty,
315 then discard the rest
316 c) discard all entries with ContextPrefixes shorter
317 than the longest one remaining in the set
318 d) select the entry with the highest securityLevel
320 Please note that for securityLevel noAuthNoPriv, all
321 groups are really equivalent since the assumption that
322 the securityName has been authenticated does not hold.
324 ::= { vacmMIBObjects 4 }
326 vacmAccessEntry OBJECT-TYPE
327 SYNTAX VacmAccessEntry
328 MAX-ACCESS not-accessible
330 DESCRIPTION "An access right configured in the Local Configuration
331 Datastore (LCD) authorizing access to an SNMP context.
333 Entries in this table can use an instance value for
334 object vacmGroupName even if no entry in table
335 vacmAccessSecurityToGroupTable has a corresponding
336 value for object vacmGroupName.
338 INDEX { vacmGroupName,
339 vacmAccessContextPrefix,
340 vacmAccessSecurityModel,
341 vacmAccessSecurityLevel
343 ::= { vacmAccessTable 1 }
345 VacmAccessEntry ::= SEQUENCE
347 vacmAccessContextPrefix SnmpAdminString,
348 vacmAccessSecurityModel SnmpSecurityModel,
349 vacmAccessSecurityLevel SnmpSecurityLevel,
350 vacmAccessContextMatch INTEGER,
351 vacmAccessReadViewName SnmpAdminString,
352 vacmAccessWriteViewName SnmpAdminString,
356 vacmAccessNotifyViewName SnmpAdminString,
357 vacmAccessStorageType StorageType,
358 vacmAccessStatus RowStatus
361 vacmAccessContextPrefix OBJECT-TYPE
362 SYNTAX SnmpAdminString (SIZE(0..32))
363 MAX-ACCESS not-accessible
365 DESCRIPTION "In order to gain the access rights allowed by this
366 conceptual row, a contextName must match exactly
367 (if the value of vacmAccessContextMatch is 'exact')
368 or partially (if the value of vacmAccessContextMatch
369 is 'prefix') to the value of the instance of this
372 ::= { vacmAccessEntry 1 }
374 vacmAccessSecurityModel OBJECT-TYPE
375 SYNTAX SnmpSecurityModel
376 MAX-ACCESS not-accessible
378 DESCRIPTION "In order to gain the access rights allowed by this
379 conceptual row, this securityModel must be in use.
381 ::= { vacmAccessEntry 2 }
383 vacmAccessSecurityLevel OBJECT-TYPE
384 SYNTAX SnmpSecurityLevel
385 MAX-ACCESS not-accessible
387 DESCRIPTION "The minimum level of security required in order to
388 gain the access rights allowed by this conceptual
389 row. A securityLevel of noAuthNoPriv is less than
390 authNoPriv which in turn is less than authPriv.
392 If multiple entries are equally indexed except for
393 this vacmAccessSecurityLevel index, then the entry
394 which has the highest value for
395 vacmAccessSecurityLevel is selected.
397 ::= { vacmAccessEntry 3 }
399 vacmAccessContextMatch OBJECT-TYPE
401 { exact (1), -- exact match of prefix and contextName
402 prefix (2) -- Only match to the prefix
407 MAX-ACCESS read-create
409 DESCRIPTION "If the value of this object is exact(1), then all
410 rows where the contextName exactly matches
411 vacmAccessContextPrefix are selected.
413 If the value of this object is prefix(2), then all
414 rows where the contextName whose starting octets
415 exactly match vacmAccessContextPrefix are selected.
416 This allows for a simple form of wildcarding.
419 ::= { vacmAccessEntry 4 }
421 vacmAccessReadViewName OBJECT-TYPE
422 SYNTAX SnmpAdminString (SIZE(0..32))
423 MAX-ACCESS read-create
425 DESCRIPTION "The value of an instance of this object identifies
426 the MIB view of the SNMP context to which this
427 conceptual row authorizes read access.
429 The identified MIB view is that one for which the
430 vacmViewTreeFamilyViewName has the same value as the
431 instance of this object; if the value is the empty
432 string or if there is no active MIB view having this
433 value of vacmViewTreeFamilyViewName, then no access
436 DEFVAL { ''H } -- the empty string
437 ::= { vacmAccessEntry 5 }
439 vacmAccessWriteViewName OBJECT-TYPE
440 SYNTAX SnmpAdminString (SIZE(0..32))
441 MAX-ACCESS read-create
443 DESCRIPTION "The value of an instance of this object identifies
444 the MIB view of the SNMP context to which this
445 conceptual row authorizes write access.
447 The identified MIB view is that one for which the
448 vacmViewTreeFamilyViewName has the same value as the
449 instance of this object; if the value is the empty
450 string or if there is no active MIB view having this
451 value of vacmViewTreeFamilyViewName, then no access
454 DEFVAL { ''H } -- the empty string
458 ::= { vacmAccessEntry 6 }
460 vacmAccessNotifyViewName OBJECT-TYPE
461 SYNTAX SnmpAdminString (SIZE(0..32))
462 MAX-ACCESS read-create
464 DESCRIPTION "The value of an instance of this object identifies
465 the MIB view of the SNMP context to which this
466 conceptual row authorizes access for notifications.
468 The identified MIB view is that one for which the
469 vacmViewTreeFamilyViewName has the same value as the
470 instance of this object; if the value is the empty
471 string or if there is no active MIB view having this
472 value of vacmViewTreeFamilyViewName, then no access
475 DEFVAL { ''H } -- the empty string
476 ::= { vacmAccessEntry 7 }
478 vacmAccessStorageType OBJECT-TYPE
480 MAX-ACCESS read-create
482 DESCRIPTION "The storage type for this conceptual row.
484 Conceptual rows having the value 'permanent' need not
485 allow write-access to any columnar objects in the row.
487 DEFVAL { nonVolatile }
488 ::= { vacmAccessEntry 8 }
490 vacmAccessStatus OBJECT-TYPE
492 MAX-ACCESS read-create
494 DESCRIPTION "The status of this conceptual row.
496 The RowStatus TC [RFC2579] requires that this
497 DESCRIPTION clause states under which circumstances
498 other objects in this row can be modified:
500 The value of this object has no effect on whether
501 other objects in this conceptual row can be modified.
503 ::= { vacmAccessEntry 9 }
505 -- Information about MIB views ***************************************
509 -- Support for instance-level granularity is optional.
511 -- In some implementations, instance-level access control
512 -- granularity may come at a high performance cost. Managers
513 -- should avoid requesting such configurations unnecessarily.
515 vacmMIBViews OBJECT IDENTIFIER ::= { vacmMIBObjects 5 }
517 vacmViewSpinLock OBJECT-TYPE
519 MAX-ACCESS read-write
521 DESCRIPTION "An advisory lock used to allow cooperating SNMP
522 Command Generator applications to coordinate their
523 use of the Set operation in creating or modifying
526 When creating a new view or altering an existing
527 view, it is important to understand the potential
528 interactions with other uses of the view. The
529 vacmViewSpinLock should be retrieved. The name of
530 the view to be created should be determined to be
531 unique by the SNMP Command Generator application by
532 consulting the vacmViewTreeFamilyTable. Finally,
533 the named view may be created (Set), including the
535 If another SNMP Command Generator application has
536 altered the views in the meantime, then the spin
537 lock's value will have changed, and so this creation
538 will fail because it will specify the wrong value for
541 Since this is an advisory lock, the use of this lock
544 ::= { vacmMIBViews 1 }
546 vacmViewTreeFamilyTable OBJECT-TYPE
547 SYNTAX SEQUENCE OF VacmViewTreeFamilyEntry
548 MAX-ACCESS not-accessible
550 DESCRIPTION "Locally held information about families of subtrees
553 Each MIB view is defined by two sets of view subtrees:
554 - the included view subtrees, and
555 - the excluded view subtrees.
556 Every such view subtree, both the included and the
560 excluded ones, is defined in this table.
562 To determine if a particular object instance is in
563 a particular MIB view, compare the object instance's
564 OBJECT IDENTIFIER with each of the MIB view's active
565 entries in this table. If none match, then the
566 object instance is not in the MIB view. If one or
567 more match, then the object instance is included in,
568 or excluded from, the MIB view according to the
569 value of vacmViewTreeFamilyType in the entry whose
570 value of vacmViewTreeFamilySubtree has the most
571 sub-identifiers. If multiple entries match and have
572 the same number of sub-identifiers (when wildcarding
573 is specified with the value of vacmViewTreeFamilyMask),
574 then the lexicographically greatest instance of
575 vacmViewTreeFamilyType determines the inclusion or
578 An object instance's OBJECT IDENTIFIER X matches an
579 active entry in this table when the number of
580 sub-identifiers in X is at least as many as in the
581 value of vacmViewTreeFamilySubtree for the entry,
582 and each sub-identifier in the value of
583 vacmViewTreeFamilySubtree matches its corresponding
584 sub-identifier in X. Two sub-identifiers match
585 either if the corresponding bit of the value of
586 vacmViewTreeFamilyMask for the entry is zero (the
587 'wild card' value), or if they are equal.
589 A 'family' of subtrees is the set of subtrees defined
590 by a particular combination of values of
591 vacmViewTreeFamilySubtree and vacmViewTreeFamilyMask.
593 In the case where no 'wild card' is defined in the
594 vacmViewTreeFamilyMask, the family of subtrees reduces
597 When creating or changing MIB views, an SNMP Command
598 Generator application should utilize the
599 vacmViewSpinLock to try to avoid collisions. See
600 DESCRIPTION clause of vacmViewSpinLock.
602 When creating MIB views, it is strongly advised that
603 first the 'excluded' vacmViewTreeFamilyEntries are
604 created and then the 'included' entries.
606 When deleting MIB views, it is strongly advised that
607 first the 'included' vacmViewTreeFamilyEntries are
611 deleted and then the 'excluded' entries.
613 If a create for an entry for instance-level access
614 control is received and the implementation does not
615 support instance-level granularity, then an
616 inconsistentName error must be returned.
618 ::= { vacmMIBViews 2 }
620 vacmViewTreeFamilyEntry OBJECT-TYPE
621 SYNTAX VacmViewTreeFamilyEntry
622 MAX-ACCESS not-accessible
624 DESCRIPTION "Information on a particular family of view subtrees
625 included in or excluded from a particular SNMP
628 Implementations must not restrict the number of
629 families of view subtrees for a given MIB view,
630 except as dictated by resource constraints on the
631 overall number of entries in the
632 vacmViewTreeFamilyTable.
634 If no conceptual rows exist in this table for a given
635 MIB view (viewName), that view may be thought of as
636 consisting of the empty set of view subtrees.
638 INDEX { vacmViewTreeFamilyViewName,
639 vacmViewTreeFamilySubtree
641 ::= { vacmViewTreeFamilyTable 1 }
643 VacmViewTreeFamilyEntry ::= SEQUENCE
645 vacmViewTreeFamilyViewName SnmpAdminString,
646 vacmViewTreeFamilySubtree OBJECT IDENTIFIER,
647 vacmViewTreeFamilyMask OCTET STRING,
648 vacmViewTreeFamilyType INTEGER,
649 vacmViewTreeFamilyStorageType StorageType,
650 vacmViewTreeFamilyStatus RowStatus
653 vacmViewTreeFamilyViewName OBJECT-TYPE
654 SYNTAX SnmpAdminString (SIZE(1..32))
655 MAX-ACCESS not-accessible
657 DESCRIPTION "The human readable name for a family of view subtrees.
662 ::= { vacmViewTreeFamilyEntry 1 }
664 vacmViewTreeFamilySubtree OBJECT-TYPE
665 SYNTAX OBJECT IDENTIFIER
666 MAX-ACCESS not-accessible
668 DESCRIPTION "The MIB subtree which when combined with the
669 corresponding instance of vacmViewTreeFamilyMask
670 defines a family of view subtrees.
672 ::= { vacmViewTreeFamilyEntry 2 }
674 vacmViewTreeFamilyMask OBJECT-TYPE
675 SYNTAX OCTET STRING (SIZE (0..16))
676 MAX-ACCESS read-create
678 DESCRIPTION "The bit mask which, in combination with the
679 corresponding instance of vacmViewTreeFamilySubtree,
680 defines a family of view subtrees.
682 Each bit of this bit mask corresponds to a
683 sub-identifier of vacmViewTreeFamilySubtree, with the
684 most significant bit of the i-th octet of this octet
685 string value (extended if necessary, see below)
686 corresponding to the (8*i - 7)-th sub-identifier, and
687 the least significant bit of the i-th octet of this
688 octet string corresponding to the (8*i)-th
689 sub-identifier, where i is in the range 1 through 16.
691 Each bit of this bit mask specifies whether or not
692 the corresponding sub-identifiers must match when
693 determining if an OBJECT IDENTIFIER is in this
694 family of view subtrees; a '1' indicates that an
695 exact match must occur; a '0' indicates 'wild card',
696 i.e., any sub-identifier value matches.
698 Thus, the OBJECT IDENTIFIER X of an object instance
699 is contained in a family of view subtrees if, for
700 each sub-identifier of the value of
701 vacmViewTreeFamilySubtree, either:
703 the i-th bit of vacmViewTreeFamilyMask is 0, or
705 the i-th sub-identifier of X is equal to the i-th
706 sub-identifier of the value of
707 vacmViewTreeFamilySubtree.
709 If the value of this bit mask is M bits long and
713 there are more than M sub-identifiers in the
714 corresponding instance of vacmViewTreeFamilySubtree,
715 then the bit mask is extended with 1's to be the
718 Note that when the value of this object is the
719 zero-length string, this extension rule results in
720 a mask of all-1's being used (i.e., no 'wild card'),
721 and the family of view subtrees is the one view
722 subtree uniquely identified by the corresponding
723 instance of vacmViewTreeFamilySubtree.
725 Note that masks of length greater than zero length
726 do not need to be supported. In this case this
727 object is made read-only.
730 ::= { vacmViewTreeFamilyEntry 3 }
732 vacmViewTreeFamilyType OBJECT-TYPE
733 SYNTAX INTEGER { included(1), excluded(2) }
734 MAX-ACCESS read-create
736 DESCRIPTION "Indicates whether the corresponding instances of
737 vacmViewTreeFamilySubtree and vacmViewTreeFamilyMask
738 define a family of view subtrees which is included in
739 or excluded from the MIB view.
742 ::= { vacmViewTreeFamilyEntry 4 }
744 vacmViewTreeFamilyStorageType OBJECT-TYPE
746 MAX-ACCESS read-create
748 DESCRIPTION "The storage type for this conceptual row.
750 Conceptual rows having the value 'permanent' need not
751 allow write-access to any columnar objects in the row.
753 DEFVAL { nonVolatile }
754 ::= { vacmViewTreeFamilyEntry 5 }
756 vacmViewTreeFamilyStatus OBJECT-TYPE
758 MAX-ACCESS read-create
760 DESCRIPTION "The status of this conceptual row.
764 The RowStatus TC [RFC2579] requires that this
765 DESCRIPTION clause states under which circumstances
766 other objects in this row can be modified:
768 The value of this object has no effect on whether
769 other objects in this conceptual row can be modified.
771 ::= { vacmViewTreeFamilyEntry 6 }
773 -- Conformance information *******************************************
775 vacmMIBCompliances OBJECT IDENTIFIER ::= { vacmMIBConformance 1 }
776 vacmMIBGroups OBJECT IDENTIFIER ::= { vacmMIBConformance 2 }
778 -- Compliance statements *********************************************
780 vacmMIBCompliance MODULE-COMPLIANCE
782 DESCRIPTION "The compliance statement for SNMP engines which
783 implement the SNMP View-based Access Control Model
786 MODULE -- this module
787 MANDATORY-GROUPS { vacmBasicGroup }
789 OBJECT vacmAccessContextMatch
791 DESCRIPTION "Write access is not required."
793 OBJECT vacmAccessReadViewName
795 DESCRIPTION "Write access is not required."
797 OBJECT vacmAccessWriteViewName
799 DESCRIPTION "Write access is not required."
801 OBJECT vacmAccessNotifyViewName
803 DESCRIPTION "Write access is not required."
805 OBJECT vacmAccessStorageType
807 DESCRIPTION "Write access is not required."
809 OBJECT vacmAccessStatus
811 DESCRIPTION "Create/delete/modify access to the
815 vacmAccessTable is not required.
818 OBJECT vacmViewTreeFamilyMask
819 WRITE-SYNTAX OCTET STRING (SIZE (0))
821 DESCRIPTION "Support for configuration via SNMP of subtree
822 families using wild-cards is not required.
825 OBJECT vacmViewTreeFamilyType
827 DESCRIPTION "Write access is not required."
829 OBJECT vacmViewTreeFamilyStorageType
831 DESCRIPTION "Write access is not required."
833 OBJECT vacmViewTreeFamilyStatus
835 DESCRIPTION "Create/delete/modify access to the
836 vacmViewTreeFamilyTable is not required.
838 ::= { vacmMIBCompliances 1 }
840 -- Units of conformance **********************************************
842 vacmBasicGroup OBJECT-GROUP
846 vacmSecurityToGroupStorageType,
847 vacmSecurityToGroupStatus,
848 vacmAccessContextMatch,
849 vacmAccessReadViewName,
850 vacmAccessWriteViewName,
851 vacmAccessNotifyViewName,
852 vacmAccessStorageType,
855 vacmViewTreeFamilyMask,
856 vacmViewTreeFamilyType,
857 vacmViewTreeFamilyStorageType,
858 vacmViewTreeFamilyStatus
861 DESCRIPTION "A collection of objects providing for remote
862 configuration of an SNMP engine which implements
866 the SNMP View-based Access Control Model.
868 ::= { vacmMIBGroups 1 }