-- =================================================================
-- Copyright (c) 2004-2016 Hangzhou H3C Tech. Co., Ltd. All rights reserved.
--
-- Description:
-- Reference:
-- Version: V2.8
-- History:
--  V1.0 Initial version 2004-07-13
--  V1.1 2004-10-12 updated by gaolong
--       Remove hyphens from DisplayString definition.
--  V2.0 2004-12-28 updated by huguohua02576
--       Add h3cUserState, h3cUserInfoRowStatus, h3cUserIndex under h3cUserInfoTable
--   Change index from h3cUserName to h3cUserIndex under h3cUserInfoTable
--       Modify h3cUserName, h3cUserPassword, h3cAuthMode, h3cUserLevel's MAX-ACCESS
--       from read-only to read-create
--       Add h3cUserAttributeTable, h3cUserMaxNum, h3cUserCurrNum and h3cUserIndexIndicator
--  V2.1 2006-02-07 updated by sunludong03130
--       Modify h3cFtpService, h3cLanAccessService, h3cSshService, h3cTelnetService,
--       h3cTerminalService, h3cFtpDirectory's description
--  V2.2 2006-12-26 updated by zhangzhancheng02444
--       Modify h3cAccessLimit, h3cFtpDirectory, h3cSlotNum, h3cSubSlotNum,
--       and h3cPortNum
--  V2.3 2008-03-13 updated by w02260
--       Add h3cExpirationDate, h3cUserGroup under h3cUserAttributeTable,
--       and add h3cUserGroupObjects
--  V2.4 2008-12-29 updated by liubo04367
--       Add h3cPortalService under h3cUserAttributeTable
--  V2.5 2012-02-28 updated by y02965
--       Add h3cUserRoleTable
--       Add h3cPPPService, h3cHttpService and h3cHttpsService under h3cUserAttributeTable
--  V2.6 2012-05-28 updated by y06401
--       Modify description of h3cAuthMode.
--       2012-10-11 updated by l04367
--       Add h3cUserIfIndex
--       Modify h3cUserRole
--  V2.7 2013-04-25 updated by q04356
--       Modified the description of h3cIdleCut
--  V2.8 2016-11-19 updated by y06401
--       Modified the description of h3cUserGroup
--       Modified the SYNTAX of h3cUserGroupName
-- =================================================================
H3C-USER-MIB DEFINITIONS ::= BEGIN
IMPORTS
    h3cCommon
        FROM HUAWEI-3COM-OID-MIB
    RowStatus, MacAddress, TEXTUAL-CONVENTION, DateAndTime, DisplayString
        FROM SNMPv2-TC
    IpAddress, Integer32, OBJECT-TYPE, MODULE-IDENTITY
        FROM SNMPv2-SMI;

h3cUser MODULE-IDENTITY
    LAST-UPDATED "201611190000Z"            -- November 19, 2016 at 00:00 GMT
    ORGANIZATION
        "Hangzhou H3C Technologies Co., Ltd."
    CONTACT-INFO
        "Platform Team Hangzhou H3C Technologies Co., Ltd.
        Hai-Dian District Beijing P.R. China
        http://www.h3c.com
        Zip:100085
        "
    DESCRIPTION
        "
        This MIB contains objects to
        Manage configuration and Monitor running state
        for userlog feature.
        "
    REVISION "201611190000Z"        -- November 19, 2016 at 00:00 GMT
    DESCRIPTION
        "Modified description of h3cUserGroup.
        Modified SYNTAX of h3cUserGroupName"
    ::= { h3cCommon 12 }


--
-- type definitions
--

-- ServiceType
ServiceType ::=  TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION
        "enable (1)
        disable (2)
        "
    SYNTAX      INTEGER
        {
            enable(1),
            disable(2)
        }
--
-- end of type definitions
--

-- h3cUserObjects===============================================================
h3cUserObjects OBJECT IDENTIFIER ::= { h3cUser 1 }


-- h3cUserInfoTable=============================================================
h3cUserInfoTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF H3cUserInfoEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        Local User Info Table
        "
    ::= { h3cUserObjects 1 }

h3cUserInfoEntry OBJECT-TYPE
    SYNTAX      H3cUserInfoEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        The entry of h3cUserInfoTable
        "
    INDEX
        {
            h3cUserIndex
        }
    ::= { h3cUserInfoTable 1 }

H3cUserInfoEntry ::= SEQUENCE
    {
        h3cUserName             DisplayString,
        h3cUserPassword         DisplayString,
        h3cAuthMode             Integer32,
        h3cUserLevel            Integer32,
        h3cUserState            INTEGER,
        h3cUserInfoRowStatus    RowStatus,
        h3cUserIndex            Integer32
    }


h3cUserName OBJECT-TYPE
    SYNTAX      DisplayString(SIZE(1..255))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "
        The name of local user, it must be unique.
        "
    ::= { h3cUserInfoEntry 1 }

h3cUserPassword OBJECT-TYPE
    SYNTAX      DisplayString(SIZE(0..255))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "
        The password of local user, default is null.
        When read, h3cUserPassword always returns an Octet String of length zero.
        "
    ::= { h3cUserInfoEntry 2 }

h3cAuthMode OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "
        The encrypting type of password:
        0 : password simple, means password is entered in clean text and saved in cipher text.
        1 : password hash simple, means password is entered in clean text and saved in hash value.
        7 : password cipher, means password is entered and saved in cipher text.
        8 : password hash cipher, means password is entered and saved in hash value.
        default is 0.
        "
    ::= { h3cUserInfoEntry 3 }

h3cUserLevel OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "
        The privilege of local user
        the value range is from 0 to 3, and 0 is minimum, 3 is maximum.
        default is 0.
        "
    ::= { h3cUserInfoEntry 4 }

h3cUserState OBJECT-TYPE
    SYNTAX      INTEGER
        {
            active(0),
            block(1)
        }
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "
        The state of local user
        0: active, means local user can execute any operations that he has
           privilege to do.
        1: block, means local user can not execute any operations.
        default is active.
        "
    ::= { h3cUserInfoEntry 5 }

h3cUserInfoRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "
        The status of this conceptual row.  Now only support CreateAndGo and
        Destroy and Active.
        "
    ::= { h3cUserInfoEntry 6 }


h3cUserIndex OBJECT-TYPE
    SYNTAX      Integer32(1..2147483646)
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        The index of local user
        "
    ::= { h3cUserInfoEntry 7 }

-- h3cUserAttributeTable========================================================
h3cUserAttributeTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF H3cUserAttributeEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        Local User Attribute Table.
        if there are data in h3cUserInfoTable, this table should have the
        relevant data.
        this table only support query and modify, but not support create and
        delete operations.
        "
    ::= { h3cUserObjects 2 }

h3cUserAttributeEntry OBJECT-TYPE
    SYNTAX      H3cUserAttributeEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The entry of h3cUserAttributeTable "
    INDEX
        {
            h3cUserIndex
        }
    ::= { h3cUserAttributeTable 1 }

H3cUserAttributeEntry ::= SEQUENCE
    {
        h3cAccessLimit         Integer32,
        h3cIdleCut             Integer32,
        h3cIPAddress           IpAddress,
        h3cNasIPAddress        IpAddress,
        h3cSlotNum             Integer32,
        h3cSubSlotNum          Integer32,
        h3cPortNum             Integer32,
        h3cMacAddress          MacAddress,
        h3cVlan                Integer32,
        h3cFtpService          ServiceType,
        h3cFtpDirectory        OCTET STRING,
        h3cLanAccessService    ServiceType,
        h3cSshService          ServiceType,
        h3cTelnetService       ServiceType,
        h3cTerminalService     ServiceType,
        h3cExpirationDate      DateAndTime,
        h3cUserGroup           DisplayString,
        h3cPortalService       ServiceType,
        h3cPPPService          ServiceType,
        h3cHttpService         ServiceType,
        h3cHttpsService        ServiceType,
        h3cUserIfIndex         Integer32
    }


h3cAccessLimit OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        The maximum user number of current user who can access devices.
        default is 0, means no limit.
        "
    ::= { h3cUserAttributeEntry 1 }

h3cIdleCut OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Valid idle time out(second),
        default is 0, means disable idle time out.
        "
    ::= { h3cUserAttributeEntry 2 }

h3cIPAddress OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Set local user's ip address.
        default is 0.0.0.0
        "
    ::= { h3cUserAttributeEntry 3 }

h3cNasIPAddress OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Set local user's ip address of network access server.
        default is 127.0.0.1, means local machine.
        "
    ::= { h3cUserAttributeEntry 4 }

h3cSlotNum OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Set local user's slot.
        default is 0.
        "
    ::= { h3cUserAttributeEntry 5 }

h3cSubSlotNum OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Set local user's sub-slot.
        default is 0.
        "
    ::= { h3cUserAttributeEntry 6 }

h3cPortNum OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Set local user's port number.
        0 is an insignificant value for initial status.
        "
    ::= { h3cUserAttributeEntry 7 }

h3cMacAddress OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Set local user's mac address.
        default is 0-0-0, means the local user do not bind any mac address.
        "
    ::= { h3cUserAttributeEntry 8 }

h3cVlan OBJECT-TYPE
    SYNTAX      Integer32(0..4094)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Set local user's vlan id.
        the value range is from 0 to 4094.
        default is 0, means the local user is not in any vlan.
        "
    ::= { h3cUserAttributeEntry 9 }

h3cFtpService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        FTP service:
        enable
        Setting this object to the value enable has the
        effect of enabling the FTP service for the corresponding entry in the
        h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the FTP service for the corresponding entry in the
        h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 10 }

h3cFtpDirectory OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Directory of FTP user.
        default is null, means if local user has the privilege of ftp service.
        "
    ::= { h3cUserAttributeEntry 11 }

h3cLanAccessService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Lan Access service:
        enable
        Setting this object to the value enable has the
        effect of enabling the lan access service for the corresponding entry
        in the h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the lan access service for the corresponding entry
        in the h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 12 }

h3cSshService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        SSH service:
        enable
        Setting this object to the value enable has the
        effect of enabling the SSH service for the corresponding entry in the
        h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the SSH service for the corresponding entry in the
        h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 13 }

h3cTelnetService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Telnet service:
        enable
        Setting this object to the value enable has the
        effect of enabling the TELNET service for the corresponding entry in the
        h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the TELNET service for the corresponding entry in the
        h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 14 }

h3cTerminalService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Terminal service:
        enable
        Setting this object to the value enable has the
        effect of enabling the terminal service for the corresponding entry
        in the h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the terminal service for the corresponding entry
        in the h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 15 }

h3cExpirationDate OBJECT-TYPE
    SYNTAX      DateAndTime(SIZE(8))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Expired date of user.
        The default value is 0-0-0,0:0:0.0, and means it doesn't expire for
        ever.
        "
    ::= { h3cUserAttributeEntry 16 }

h3cUserGroup      OBJECT-TYPE
    SYNTAX      DisplayString(SIZE(0..255))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        The user group that user belongs to.
        Any user must belong to a user group.
        The default group is the 'system' group.
        "
    ::= { h3cUserAttributeEntry 17 }

h3cPortalService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Portal service:
        enable
        Setting this object to the value enable has the
        effect of enabling the portal service for the corresponding entry
        in the h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the portal service for the corresponding entry
        in the h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 18 }

h3cPPPService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        PPP service:
        enable
        Setting this object to the value enable has the
        effect of enabling the PPP service for the corresponding entry
        in the h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the PPP service for the corresponding entry
        in the h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 19 }

h3cHttpService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Http service:
        enable
        Setting this object to the value enable has the
        effect of enabling the Web service for the corresponding entry
        in the h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the Web service for the corresponding entry
        in the h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 20 }

h3cHttpsService OBJECT-TYPE
    SYNTAX      ServiceType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Https service:
        enable
        Setting this object to the value enable has the
        effect of enabling the Web service for the corresponding entry
        in the h3cUserAttributeTable.

        disable
        Setting this object to the value disable has the
        effect of disabling the Web service for the corresponding entry
        in the h3cUserAttributeTable.

        The default value is disable.
        "
    ::= { h3cUserAttributeEntry 21 }

h3cUserIfIndex OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "
        Set local user's interface index.  A value of 0 means that the interface
        index has not been assigned or the interface assigned not exist.
        The default value is 0.
        "
    ::= { h3cUserAttributeEntry 22 }

-- h3cUserMaxNum================================================================
h3cUserMaxNum OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "
        This object contains the maximum number of local users.
        "
    ::= { h3cUserObjects 3 }

-- h3cUserCurrNum===============================================================
h3cUserCurrNum OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "
        This object contains the current number of local users.
        "
    ::= { h3cUserObjects 4 }

-- h3cUserIndexIndicator========================================================
h3cUserIndexIndicator OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "
        This object contains an appropriate value to
        be used for h3cUserIndex when creating entries in the
        h3cUserInfoTable.  The value 0 indicates that no unassigned
        entries are available.  To obtain the
        h3cUserIndex value for a new
        entry, the manager issues a management
        protocol retrieval operation to obtain the
        current value of this object.  After each
        retrieval, the agent should modify the value
        to the next unassigned index.
        After a manager retrieves a value the agent will
        determine through its local policy when this index
        value will be made available for reuse.
        "
    ::= { h3cUserObjects 5 }


-- h3cUserRoleTable========================================================
h3cUserRoleTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF H3cUserRoleEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        Local User Role Table.
        If there is data in h3cUserInfoTable, this table should has the
        relevant data.
        "
    ::= { h3cUserObjects 6 }

h3cUserRoleEntry OBJECT-TYPE
    SYNTAX      H3cUserRoleEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The entry of h3cUserRoleTable."
    INDEX
        {
            h3cUserIndex,
            h3cUserRole
        }
    ::= { h3cUserRoleTable 1 }

H3cUserRoleEntry ::= SEQUENCE
    {
        h3cUserRole           DisplayString,
        h3cUserRoleStatus     RowStatus
    }

h3cUserRole      OBJECT-TYPE
    SYNTAX      DisplayString(SIZE(1..63))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        The user's role determines the user's privilege.
        The user must be authorized one role at least.
        The default user role for a local user created by a network-admin user
        is network-operator, and the default user role for a local user created
        by an mdc-admin or level-15 user is mdc-operator.
        "
    ::= { h3cUserRoleEntry 1 }

h3cUserRoleStatus   OBJECT-TYPE
    SYNTAX   RowStatus
    MAX-ACCESS  read-create
    STATUS   current
    DESCRIPTION
        "
        This object is responsible for managing the creation, deletion and
        modification of rows, which support active status and CreateAndGo,
        Destroy operation.  To create a new row, h3cUserIndex must be specified.
        The number of rows with same h3cUserIndex cann't be more than 64.
        If the the number of rows with a h3cUserIndex is 1, this row cann't be
        destroyed.
        "
    ::= { h3cUserRoleEntry 2 }


-- h3cUserGroupObjects==========================================================
h3cUserGroupObjects OBJECT IDENTIFIER ::= { h3cUser 2 }


-- h3cUserGroupInfoTable========================================================
h3cUserGroupInfoTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF H3cUserGroupInfoEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        User group information table.
        "
    ::= { h3cUserGroupObjects 1 }

h3cUserGroupInfoEntry OBJECT-TYPE
    SYNTAX      H3cUserGroupInfoEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        The entry of h3cUserGroupInfoTable.
        "
    INDEX
        {
            h3cUserGroupName
        }
    ::= { h3cUserGroupInfoTable 1 }

H3cUserGroupInfoEntry ::= SEQUENCE
    {
        h3cUserGroupName             DisplayString,
        h3cUserGroupInfoRowStatus    RowStatus
    }

h3cUserGroupName OBJECT-TYPE
    SYNTAX      DisplayString(SIZE(1..255))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "
        The index of user group.
        "
    ::= { h3cUserGroupInfoEntry 1 }

h3cUserGroupInfoRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "
        The status of this conceptual row.  Only support createAndGo, destroy
        and active.
        "
    ::= { h3cUserGroupInfoEntry 2 }

END
