TIMETRA-LDAP-MIB DEFINITIONS ::= BEGIN

IMPORTS
    InetAddress, InetAddressType
                                                         FROM INET-ADDRESS-MIB
    MODULE-COMPLIANCE, NOTIFICATION-GROUP,
    OBJECT-GROUP
                                                         FROM SNMPv2-CONF
    MODULE-IDENTITY, NOTIFICATION-TYPE,
    OBJECT-TYPE, Unsigned32
                                                         FROM SNMPv2-SMI
    DisplayString, RowStatus, TimeStamp,
    TruthValue
                                                         FROM SNMPv2-TC
    timetraSRMIBModules, tmnxSRConfs,
    tmnxSRNotifyPrefix, tmnxSRObjs
                                                         FROM TIMETRA-GLOBAL-MIB
    TNamedItemOrEmpty, TTcpUdpPort,
    TmnxAdminState, TmnxLongDisplayString,
    TmnxOperState
                                                         FROM TIMETRA-TC-MIB
    ;

timetraLdapMIBModule             MODULE-IDENTITY
    LAST-UPDATED "201602010000Z"
    ORGANIZATION "Nokia"
    CONTACT-INFO
        "Nokia SROS Support
         Web: http://www.nokia.com"
    DESCRIPTION
        "This document is the SNMP MIB module for the Nokia SROS implementation
         of LDAP.

         Copyright 2003-2018 Nokia. All rights reserved. Reproduction of this
         document is authorized on the condition that the foregoing copyright
         notice is included.

         This SNMP MIB module (Specification) embodies Nokia's
         proprietary intellectual property.  Nokia retains all
         title and ownership in the Specification, including any
         revisions.

         Nokia grants all interested parties a non-exclusive license to use and
         distribute an unmodified copy of this Specification in connection with
         management of Nokia products, and without fee, provided this copyright
         notice and license appear on all copies.

         This Specification is supplied `as is', and Nokia makes no warranty,
         either express or implied, as to the use, operation, condition, or
         performance of the Specification."

    REVISION    "201602010000Z"
    DESCRIPTION
        "Rev 14.0               1 Feb 2016 00:00
         Initial version of the TIMETRA-LDAP-MIB."

    ::= { timetraSRMIBModules 106 }

tmnxLdapObjs                     OBJECT IDENTIFIER ::= { tmnxSRObjs 106 }

tmnxLdapScalarObjs               OBJECT IDENTIFIER ::= { tmnxLdapObjs 1 }

tmnxLdapScalarStatsObjs          OBJECT IDENTIFIER ::= { tmnxLdapScalarObjs 1 }

tmnxLdapServerTableLastChanged   OBJECT-TYPE
    SYNTAX      TimeStamp
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerTableLastChanged indicates the
         timestamp of the last change to the tmnxLdapServerTable.

         A value of 0 indicates that no changes were made to this table since
         the system was last initialized."
    ::= { tmnxLdapScalarStatsObjs 1 }

tmnxLdapScalarConfigObjs         OBJECT IDENTIFIER ::= { tmnxLdapScalarObjs 2 }

tmnxLdapAdminState               OBJECT-TYPE
    SYNTAX      TmnxAdminState
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapAdminState specifies the desired
         administrative state of the LDAP protocol operation. The value 'noop'
         is never allowed."
    DEFVAL      { inService }
    ::= { tmnxLdapScalarConfigObjs 1 }

tmnxLdapOperState                OBJECT-TYPE
    SYNTAX      TmnxOperState
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapOperState indicates the operational
         state of the LDAP protocol.

         If the value is 'outOfService' then the LDAP protocol is not available
         for use. If the value is 'inService' then the LDAP protocol is
         available for use. The value will be 'inService' if the value of the
         object tmnxLdapServerOperState of at least one LDAP server is in
         'inService' state.

         If the value of this object changes from 'outOfService' to 'inService'
         or from 'inService' to 'outOfService' then tmnxLdapOperStateChange
         notification will be sent."
    ::= { tmnxLdapScalarConfigObjs 2 }

tmnxLdapRetryAttempts            OBJECT-TYPE
    SYNTAX      Unsigned32 (1..10)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapRetryAttempts specifies the number of
         times an attempt to connect to an LDAP server should be retried."
    DEFVAL      { 3 }
    ::= { tmnxLdapScalarConfigObjs 3 }

tmnxLdapTimeout                  OBJECT-TYPE
    SYNTAX      Unsigned32 (1..90)
    UNITS       "Seconds"
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapTimeout specifies the number of
         seconds to wait before timing out an LDAP server connection attempt."
    DEFVAL      { 3 }
    ::= { tmnxLdapScalarConfigObjs 4 }

tmnxLdapUseTemplate              OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapUseTemplate specifies whether the LDAP
         user template is actively applied to the LDAP user, if no user profile
         data are returned from the LDAP server."
    DEFVAL      { true }
    ::= { tmnxLdapScalarConfigObjs 5 }

tmnxLdapPublicKeyAuthentication  OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapPublicKeyAuthentication specifies
         whether to use SSH public key ('true') or LDAP ('false') for
         authentication."
    DEFVAL      { false }
    ::= { tmnxLdapScalarConfigObjs 6 }

tmnxLdapConfigObjs               OBJECT IDENTIFIER ::= { tmnxLdapObjs 2 }

tmnxLdapServerTable              OBJECT-TYPE
    SYNTAX      SEQUENCE OF TmnxLdapServerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The tmnxLdapServerEntry has an entry for each LDAP server connection.
         The table can have up to a maximum of 5 entries."
    ::= { tmnxLdapConfigObjs 1 }

tmnxLdapServerEntry              OBJECT-TYPE
    SYNTAX      TmnxLdapServerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "tmnxLdapServerEntry is an entry (conceptual row) in the
         tmnxLdapServerTable. Each entry represents the configuration for an
         LDAP server connection.

         Entries in this table can be created and deleted via SNMP SET
         operations to tmnxLdapServerRowStatus."
    INDEX       { tmnxLdapServerIndex }
    ::= { tmnxLdapServerTable 1 }

TmnxLdapServerEntry              ::= SEQUENCE
{
    tmnxLdapServerIndex              Unsigned32,
    tmnxLdapServerLastChanged        TimeStamp,
    tmnxLdapServerRowStatus          RowStatus,
    tmnxLdapServerAdminState         TmnxAdminState,
    tmnxLdapServerOperState          TmnxOperState,
    tmnxLdapServerInetAddressType    InetAddressType,
    tmnxLdapServerInetAddress        InetAddress,
    tmnxLdapServerPort               TTcpUdpPort,
    tmnxLdapServerBindAuthRootDn     TmnxLongDisplayString,
    tmnxLdapServerBindAuthPassword   DisplayString,
    tmnxLdapServerName               TNamedItemOrEmpty,
    tmnxLdapServerSearch             TmnxLongDisplayString,
    tmnxLdapServerTlsProfile         TNamedItemOrEmpty
}

tmnxLdapServerIndex              OBJECT-TYPE
    SYNTAX      Unsigned32 (1..5)
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerIndex specifies a unique LDAP
         server connection."
    ::= { tmnxLdapServerEntry 1 }

tmnxLdapServerLastChanged        OBJECT-TYPE
    SYNTAX      TimeStamp
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerLastChanged indicates the
         timestamp of the last change to this row in tmnxLdapServerTable."
    ::= { tmnxLdapServerEntry 2 }

tmnxLdapServerRowStatus          OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerRowStatus specifies the status
         of the conceptual row in tmnxLdapServerTable. Rows are created and
         destroyed by SNMP SET operations on this object.

         Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
         supported."
    ::= { tmnxLdapServerEntry 3 }

tmnxLdapServerAdminState         OBJECT-TYPE
    SYNTAX      TmnxAdminState
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerAdminState specifies the desired
         administrative state of the LDAP server connection. The value 'noop'
         is never allowed."
    DEFVAL      { outOfService }
    ::= { tmnxLdapServerEntry 4 }

tmnxLdapServerOperState          OBJECT-TYPE
    SYNTAX      TmnxOperState
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerOperState indicates the
         operational state of this LDAP server connection. The value of this
         object is updated periodically if the health check functionality is
         enabled, otherwise its value is updated when connection to the LDAP
         server is attempted.

         If the value is 'outOfService' then this LDAP server connection is not
         available for use. If the value is 'inService' then this LDAP server
         connection is available for use.

         If the value of this object changes from 'outOfService' to 'inService'
         or from 'inService' to 'outOfService' then
         tmnxLdapServerOperStateChange notification will be sent."
    ::= { tmnxLdapServerEntry 5 }

tmnxLdapServerInetAddressType    OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerInetAddressType specifies the
         address type of tmnxLdapServerInetAddress address.

         The value of tmnxLdapServerInetAddressType can be either of
         InetAddressType - 'unknown' or InetAddressType - 'ipv4' or
         InetAddressType - 'ipv6'."
    DEFVAL      { unknown }
    ::= { tmnxLdapServerEntry 6 }

tmnxLdapServerInetAddress        OBJECT-TYPE
    SYNTAX      InetAddress (SIZE (0|4|16))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerInetAddress specifies the IP
         address of the LDAP server."
    DEFVAL      { ''H }
    ::= { tmnxLdapServerEntry 7 }

tmnxLdapServerPort               OBJECT-TYPE
    SYNTAX      TTcpUdpPort (1..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerPort specifies the number of IP
         port on which to contact the LDAP server."
    DEFVAL      { 389 }
    ::= { tmnxLdapServerEntry 8 }

tmnxLdapServerBindAuthRootDn     OBJECT-TYPE
    SYNTAX      TmnxLongDisplayString (SIZE (0..512))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerBindAuthRootDn specifies the
         distinguished name used to authenticate with the LDAP server."
    DEFVAL      { ''H }
    ::= { tmnxLdapServerEntry 9 }

tmnxLdapServerBindAuthPassword   OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (0..128))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerBindAuthPassword specifies the
         password used to authenticate with the LDAP server."
    DEFVAL      { ''H }
    ::= { tmnxLdapServerEntry 10 }

tmnxLdapServerName               OBJECT-TYPE
    SYNTAX      TNamedItemOrEmpty
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerName specifies the name assigned
         to this LDAP server by a user."
    DEFVAL      { ''H }
    ::= { tmnxLdapServerEntry 11 }

tmnxLdapServerSearch             OBJECT-TYPE
    SYNTAX      TmnxLongDisplayString (SIZE (0..512))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerSearch specifies the base
         distinguished name for a search of user credentials."
    DEFVAL      { ''H }
    ::= { tmnxLdapServerEntry 12 }

tmnxLdapServerTlsProfile         OBJECT-TYPE
    SYNTAX      TNamedItemOrEmpty
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The value of the object tmnxLdapServerTlsProfile specifies a TLS
         certificate profile name used by this LDAP server connection."
    DEFVAL      { ''H }
    ::= { tmnxLdapServerEntry 13 }

tmnxLdapStatsObjs                OBJECT IDENTIFIER ::= { tmnxLdapObjs 3 }

tmnxLdapNotificationObjs         OBJECT IDENTIFIER ::= { tmnxLdapObjs 10 }

tmnxLdapConformance              OBJECT IDENTIFIER ::= { tmnxSRConfs 106 }

tmnxLdapCompliances              OBJECT IDENTIFIER ::= { tmnxLdapConformance 1 }

tmnxLdapCompliance               MODULE-COMPLIANCE
    STATUS      current
    DESCRIPTION
        "The compliance statement for the management of the LDAP feature on
         Nokia SROS series systems."
    MODULE
        MANDATORY-GROUPS {
            tmnxLdapInitialGroup,
            tmnxLdapNotifyGroup
        }
    ::= { tmnxLdapCompliances 1 }

tmnxLdapGroups                   OBJECT IDENTIFIER ::= { tmnxLdapConformance 2 }

tmnxLdapInitialGroups            OBJECT IDENTIFIER ::= { tmnxLdapGroups 1 }

tmnxLdapInitialGroup             OBJECT-GROUP
    OBJECTS     {
        tmnxLdapAdminState,
        tmnxLdapOperState,
        tmnxLdapRetryAttempts,
        tmnxLdapTimeout,
        tmnxLdapUseTemplate,
        tmnxLdapPublicKeyAuthentication,
        tmnxLdapServerTableLastChanged,
        tmnxLdapServerLastChanged,
        tmnxLdapServerRowStatus,
        tmnxLdapServerAdminState,
        tmnxLdapServerOperState,
        tmnxLdapServerInetAddressType,
        tmnxLdapServerInetAddress,
        tmnxLdapServerPort,
        tmnxLdapServerBindAuthRootDn,
        tmnxLdapServerBindAuthPassword,
        tmnxLdapServerName,
        tmnxLdapServerSearch,
        tmnxLdapServerTlsProfile
    }
    STATUS      current
    DESCRIPTION
        "The group of objects supporting management of LDAP capabilities on
         Nokia SROS series systems."
    ::= { tmnxLdapInitialGroups 1 }

tmnxLdapNotifyGroup              NOTIFICATION-GROUP
    NOTIFICATIONS {
        tmnxLdapOperStateChange,
        tmnxLdapServerOperStateChange
    }
    STATUS      current
    DESCRIPTION
        "The group of notifications supporting LDAP feature on Nokia SROS
         systems."
    ::= { tmnxLdapInitialGroups 2 }

tmnxLdapNotifyPrefix             OBJECT IDENTIFIER ::= { tmnxSRNotifyPrefix 106 }

tmnxLdapNotifications            OBJECT IDENTIFIER ::= { tmnxLdapNotifyPrefix 0 }

tmnxLdapOperStateChange          NOTIFICATION-TYPE
    OBJECTS     {
        tmnxLdapOperState
    }
    STATUS      current
    DESCRIPTION
        "[CAUSE]The tmnxLdapOperStateChange notification is generated when the
         tmnxLdapOperState has transitioned either from 'outOfService' to
         'inService' or from 'inService' to 'outOfService' state.

         [EFFECT]If tmnxLdapOperState has transitioned to 'outOfService' state
         then the LDAP protocol is not available for use. If tmnxLdapOperState
         has transitioned to 'inService' state then the LDAP protocol is
         available for use.

         [RECOVERY]If the new state corresponds to the value of
         tmnxLdapAdminState, then this is desirable behavior and no recovery is
         needed. If the new state of the tmnxLdapOperState object is
         'outOfService' while the value of the object tmnxLdapAdminState is
         'inService', make sure that the value of tmnxLdapServerOperState of at
         least one LDAP server connection is 'inService'."
    ::= { tmnxLdapNotifications 1 }

tmnxLdapServerOperStateChange    NOTIFICATION-TYPE
    OBJECTS     {
        tmnxLdapServerName,
        tmnxLdapServerOperState,
        tmnxLdapServerInetAddressType,
        tmnxLdapServerInetAddress,
        tmnxLdapServerPort
    }
    STATUS      current
    DESCRIPTION
        "[CAUSE]The tmnxLdapServerOperStateChange notification is generated
         when the tmnxLdapServerOperState has transitioned either from
         'outOfService' to 'inService' or from 'inService' to 'outOfService'
         state.

         [EFFECT]If tmnxLdapServerOperState has transitioned to 'outOfService'
         state then the particular LDAP server connection is not available for
         use. If tmnxLdapServerOperState has transitioned to 'inService' state
         then the particular LDAP server connection is available for use.

         [RECOVERY]If the new state corresponds to the
         tmnxLdapServerAdminState, then this is the desirable behavior and no
         recovery is needed. If the new state of the tmnxLdapServerOperState
         object is 'outOfService' while the value of the object
         tmnxLdapServerAdminState is 'inService', make sure that the LDAP
         server connection parameters are properly configured and the LDAP
         server is reachable."
    ::= { tmnxLdapNotifications 2 }

END
