AuthorizedPrivilege class

Represents authorization information for an Account instance, which specifies account privileges to activities.

The following syntax is simplified from MOF code and includes all inherited properties.

Syntax

[Dynamic, Provider("IPMIPrv"), AMENDMENT]
class AuthorizedPrivilege : CIM_AuthorizedPrivilege
{
  string  Caption;
  string  Description;
  string  ElementName;
  string  InstanceID;
  boolean PrivilegeGranted = TRUE;
  uint16  Activities[];
  string  ActivityQualifiers[];
  uint16  QualifierFormats[];
};

Members

The AuthorizedPrivilege class has these types of members:

Properties

The AuthorizedPrivilege class has these properties.

Activities
Data type: uint16 array
Access type: Read-only
Qualifiers: ArrayType ("Indexed"), ModelCorrespondence ("CIM_Privilege.ActivityQualifiers")

An enumeration indicating the activities that are granted or denied. These activities apply to all entities specified in the ActivityQualifiers array.

Detect (4) indicates that the existence or presence of an entity may be determined, but not necessarily specific data, which requires the Read privilege.

This property is inherited from CIM_Privilege.

Other (1)

Create (2)

Delete (3)

Detect (4)

Read (5)

Write (6)

Execute (7)

DMTF Reserved

8–15999

Vendor Reserved

16000–65535
ActivityQualifiers
Data type: string array
Access type: Read-only
Qualifiers: ArrayType ("Indexed"), ModelCorrespondence ("CIM_Privilege.Activities", "CIM_Privilege.QualifierFormats")

An array of values used to further qualify and specify the privileges granted or denied. For example, it is used to specify a set of files for which Read or Write access is permitted or denied. The semantics of the individual entries in ActivityQualifiers are provided in corresponding entries in the QualifierFormats array.

This property is inherited from CIM_Privilege.

Caption
Data type: string
Access type: Read-only
Qualifiers: MaxLen (64)

A short textual description of the object.

This property is inherited from CIM_ManagedElement.

Description
Data type: string
Access type: Read-only

A textual description of the object.

This property is inherited from CIM_ManagedElement.

ElementName
Data type: string
Access type: Read-only

A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties/identity data, and description information.

This property is inherited from CIM_ManagedElement.

InstanceID
Data type: string
Access type: Read-only
Qualifiers: Key

Opaquely and uniquely identifies an instance of this class within the scope of the instantiating Namespace. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following format:

<OrgID>:<LocalID>

<OrgID> must include a copyrighted, trademarked or otherwise unique name that is owned by the business entity creating the InstanceID, or is a registered ID that is assigned to the business entity by a recognized global authority. <OrgID> must not contain a colon (":"). The first colon to appear in InstanceID must be between <OrgID> and <LocalID>.

<LocalID> is chosen by the business entity and should not be re-used to identify different underlying elements.

If the above format is not used, the defining entity must assure that the resultant InstanceID is not re-used by this or other providers for this instance's NameSpace.

For DMTF defined instances, the format must have <OrgID> set to "CIM".

This property is inherited from CIM_Privilege.

PrivilegeGranted
Data type: boolean
Access type: Read-only

Whether the privilege is granted. The default is to grant permission.

This property is inherited from CIM_Privilege.

QualifierFormats
Data type: uint16 array
Access type: Read-only
Qualifiers: ArrayType ("Indexed"), ModelCorrespondence ("CIM_Privilege.ActivityQualifiers")

Defines the semantics of corresponding entries in the ActivityQualifiers array.

This property is inherited from CIM_Privilege.

The possible values, with examples, are.

Class Name (2)

If the authorization target is a CIM Service or a Namespace, the ActivityQualifiers entries can define a list of classes that the authorized subject is able to create or delete.

<Class.>Property (3)

If the authorization target is a CIM Service, Namespace or Collection of instances, the ActivityQualifiers entries can define the class properties that can or cannot be accessed. Since these targets can manage multiple classes, the class names are included to avoid ambiguity.

If the authorization target is an individual instance, there is no possible ambiguity and the class name may be omitted.

Use the "*" wildcard character to specify all properties.

<Class.>Method (4)

Usage is similar to <Class.>Property (3).

Use the "*" wildcard character to specify all properties.

Object Reference (5)

If the authorization target is a CIM Service or Namespace, the ActivityQualifiers entries can define a list of object references that the authorized subject can access.

Namespace (6)

If the authorization target is a CIM Service, then the ActivityQualifiers entries can define a list of Namespaces that the authorized subject can access.

URL (7)

An authorization target may not be defined, but a Privilege could be used to deny access to specific URLs.

Directory/File Name (8)

If the authorization target is a file system, then the ActivityQualifiers entries can define a list of directories and files whose access is protected.

Command Line Instruction (9)

If the authorization target is a compute system or service, then the ActivityQualifiers entries can define a list of command line instructions that can or cannot be run by the authorized subjects.

DMTF Reserved

Vendor Reserved

Requirements

Minimum supported client

Windows Vista

Minimum supported server

Windows Server 2008

Namespace

Root\hardware

MOF

IpmiPrv.mof

DLL

IpmiPrv.dll

See also

CIM_AuthorizedPrivilege
IPMI Provider

 

 

Show: