SUMMARY: NESTED | FIELD | | METHOD
DETAIL: FIELD | METHOD

Class CIM_IEEE8021xSettings

Used in features: Wireless , Endpoint Access Control
Compatible with the following Intel AMT Releases: 4.0, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0 
CIM_ManagedElement
   extended by CIM_SettingData
      extended by CIM_IEEE8021xSettings
Known Subclasses:
IPS_IEEE8021xSettings 
class CIM_IEEE8021xSettings
 extends CIM_SettingData


General Information:
IEEE8021xSettings specifies a set of IEEE 
802.1x Port-Based Network Access Control settings that can be applied to a ISO 
OSI layer 2 
ProtocolEndpoint.

Qualifiers:
-------------
Version=2.22.0
UMLPackagePath=CIM::Network::IEEE8021x









  
  

    Supported Fields 
      Summary

  

     string 
      
    ElementName 
The 
      user-friendly name for this instance of SettingData . . .

  

     string 
      
    InstanceID Key  
Within the scope of the instantiating Namespace, 
      InstanceID opaquely and uniquely identifies an instance of this class . . 
      .

  

     uint16 
      
    AuthenticationProtocol 
      
AuthenticationProtocol shall indicate the desired EAP 
      (Extensible Authentication Protocol) type. * EAP-TLS (0): shall indicate 
      that the desired EAP type is the Transport Layer Security EAP type 
      specified in RFC 2716 . . .

  

     string 
      
    RoamingIdentity 
      
A string presented to the authentication server in 802.1x 
      protocol exchange . . .

  

     string 
      
    ServerCertificateName 
The 
      name that shall be compared against the subject name field in the 
      certificate provided by the AAA server . . .

  

     uint16 
      
    ServerCertificateNameComparison 
      
The comparison algorithm that shall be used by the server to 
      validate the subject name field of the certificate presented by the AAA 
      server against the value of the ServerCertificateName property.

  

     string 
      
    Username 
Identifies 
      the user requesting access to the network.

  

     string 
      
    Password 
A password 
      associated with the user identified by Username within Domain.

  

     string 
      
    Domain 
The domain (also 
      known as realm) within which Username is unique.

  

     uint8[256] 
      
    ProtectedAccessCredential 
      
A credential used by the supplicant and AAA server to establish 
      a mutually authenticated encrypted tunnel for confidential user 
      authentication.

  

     string 
      
    PACPassword 
      
Optional password to extract the PAC (Protected Access 
      Credential) information from the PAC data.

  

     uint8[256] 
      
    PSK 
A pre-shared key used 
      for pre-shared key EAP types such as EAP-PSK, EAP-SIM, and 
    EAP-AKA.




  
  

    Methods Summary

  

     
    Get(Instance) 
Gets the 
      representation of the instance

  

     
    Pull(EnumerationContext, 
      MaxElements) 
Pulls instances of this class, following an 
      Enumerate operation

  

     
    Enumerate() 
      
Enumerates the instances of this class

  

     
    Release(EnumerationContext) 
      
Releases an enumeration context




  
  

    Field 
Detail


ElementName 
public string ElementName



  
General Information:
The user-friendly name for this instance of 
  SettingData. In addition, the user-friendly name can be used as an index 
  property for a search or query. (Note: The name does not have to be unique 
  within a namespace.)

Product Specific Usage:
The WLAN profile 
  name

Qualifiers:
-------------
Required
Override=ElementName
MaxLen=40


  

  





InstanceID Key 
public string InstanceID



  
General Information:
Within the scope of the instantiating 
  Namespace, InstanceID opaquely and uniquely identifies an instance of this 
  class. To ensure uniqueness within the NameSpace, the value of InstanceID 
  should be constructed using the following "preferred" algorithm: 
  
<OrgID>:<LocalID> 
Where <OrgID> and <LocalID> 
  are separated by a colon (:), and where <OrgID> must include a 
  copyrighted, trademarked, or otherwise unique name that is owned by the 
  business entity that is creating or defining the InstanceID or that is a 
  registered ID assigned to the business entity by a recognized global 
  authority. (This requirement is similar to the <Schema Name>_<Class 
  Name> structure of Schema class names.) In addition, to ensure uniqueness, 
  <OrgID> must not contain a colon (:). When using this algorithm, the 
  first colon to appear in InstanceID must appear between <OrgID> and 
  <LocalID>. 
<LocalID> is chosen by the business entity and 
  should not be reused to identify different underlying (real-world) elements. 
  If the above "preferred" algorithm is not used, the defining entity must 
  assure that the resulting InstanceID is not reused across any InstanceIDs 
  produced by this or other providers for the NameSpace of this instance. 
  
For DMTF-defined instances, the "preferred" algorithm must be used with 
  the <OrgID> set to CIM.

Product Specific Usage:
In 
  Intel AMT Release 6.0 and later releases value is "Intel(r) AMT:IEEE 802.1x 
  Settings %s" where %s is the profile 
  name

Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=100


  

  





AuthenticationProtocol 
public uint16 AuthenticationProtocol



  
General Information:
AuthenticationProtocol shall indicate the 
  desired EAP (Extensible Authentication Protocol) type.
* EAP-TLS (0): shall 
  indicate that the desired EAP type is the Transport Layer Security EAP type 
  specified in RFC 2716. If AuthenticationProtocol contains 0, Username should 
  not be null, ServerCertificateName and ServerCertificateNameComparison may be 
  null or not null, and RoamingIdentity, Password, Domain, 
  ProtectedAccessCredential, PACPassword, and PSK should be null.
* 
  EAP-TTLS/MSCHAPv2 (1): shall indicate that the desired EAP type is the 
  Tunneled TLS Authentication Protocol EAP type specified in 
  draft-ietf-pppext-eap-ttls, with Microsoft PPP CHAP Extensions, Version 2 
  (MSCHAPv2) as the inner authentication method. If AuthenticationProtocol 
  contains 1, Username and Password should not be null, RoamingIdentity, 
  ServerCertificateName, ServerCertificateNameComparison, and Domain may be null 
  or not null, and ProtectedAccessCredential, PACPassword, and PSK should be 
  null.
* PEAPv0/EAP-MSCHAPv2 (2): shall indicate that the desired EAP type 
  is the Protected Extensible Authentication Protocol (PEAP) Version 0 EAP type 
  specified in draft-kamath-pppext-peapv0, with Microsoft PPP CHAP Extensions, 
  Version 2 (MSCHAPv2) as the inner authentication method. If 
  AuthenticationProtocol contains2, Username and Password should not be null, 
  RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, and 
  Domain may be null or not null, and ProtectedAccessCredential, PACPassword, 
  and PSK should be null.
* PEAPv1/EAP-GTC (3): shall indicate that the 
  desired EAP type is the Protected Extensible Authentication Protocol (PEAP) 
  Version 1 EAP type specified in draft-josefsson-pppext-eap-tls-eap, with 
  Generic Token Card (GTC) as the inner authentication method. If 
  AuthenticationProtocol contains 3, Username and Password should not be null, 
  RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, and 
  Domain may be null or not null, and ProtectedAccessCredential, PACPassword, 
  and PSK should be null.
* EAP-FAST/MSCHAPv2 (4): shall indicate that the 
  desired EAP type is the Flexible Authentication Extensible Authentication 
  Protocol EAP type specified in IETF RFC 4851, with Microsoft PPP CHAP 
  Extensions, Version 2 (MSCHAPv2) as the inner authentication method. If 
  AuthenticationProtocol contains 4, Username and Password should not be null, 
  RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, 
  Domain, ProtectedAccessCredential, and PACPassword may be null or not null, 
  and PSK should be null.
* EAP-FAST/GTC (5): shall indicate that the desired 
  EAP type is the Flexible Authentication Extensible Authentication Protocol EAP 
  type specified in IETF RFC 4851, with Generic Token Card (GTC) as the inner 
  authentication method. If AuthenticationProtocol contains 5, Username and 
  Password should not be null, RoamingIdentity, ServerCertificateName, 
  ServerCertificateNameComparison, Domain, ProtectedAccessCredential, and 
  PACPassword may be null or not null, and PSK should be null.
* EAP-MD5 (6): 
  shall indicate that the desired EAP type is the EAP MD5 authentication method, 
  specified in RFC 3748. If AuthenticationProtocol contains 6, Username and 
  Password should not be null, Domain may be null or not null, and 
  RoamingIdentity, ServerCertificateName, ServerCertificateNameComparison, 
  ProtectedAccessCredential, PACPassword, and PSK should be null.
* EAP-PSK 
  (7): shall indicate that the desired EAP type is the EAP-PSK (Pre-Shared Key) 
  EAP type specified in RFC 4764. If AuthenticationProtocol contains 7, Username 
  and PSK should not be null, Domain and RoamingIdentity may be null or not 
  null, and Password, ServerCertificateName, ServerCertificateNameComparison, 
  ProtectedAccessCredential, and PACPassword should be null.
* EAP-SIM (8): 
  shall indicate that the desired EAP type is the Extensible Authentication 
  Protocol Method for Global System for Mobile Communications (GSM) Subscriber 
  Identity Modules (EAP-SIM), specified in RFC 4186. If AuthenticationProtocol 
  contains 8, Username and PSK should not be null, Domain and RoamingIdentity 
  may be null or not null, and Password, ServerCertificateName, 
  ServerCertificateNameComparison, ProtectedAccessCredential, and PACPassword 
  should be null.
* EAP-AKA (9): shall indicate that the desired EAP type is 
  the EAP Method for 3rd Generation Authentication and Key Agreement (EAP-AKA), 
  specified in RFC 4187. If AuthenticationProtocol contains 9, Username and PSK 
  should not be null, Domain and RoamingIdentity may be null or not null, and 
  Password, ServerCertificateName, ServerCertificateNameComparison, 
  ProtectedAccessCredential, and PACPassword should be null.
* EAP-FAST/TLS 
  (10): shall indicate that the desired EAP type is the Flexible Authentication 
  EAP type specified in IETF RFC 4851, with TLS as the inner authentication 
  method. If AuthenticationProtocol contains 10, Username and Password should 
  not be null, RoamingIdentity, ServerCertificateName, 
  ServerCertificateNameComparison, Domain, ProtectedAccessCredential, and 
  PACPassword may be null or not null, and PSK should be null.

Product 
  Specific Usage:
Can be one of the values in 
  CIM_IEEE8021xCapabilitites.SupportedAuthenticaion

Qualifiers:
-------------
ValueMap={0, 
  1, 2, 3, 4, 5, 6, 7, 8, 9, 10, ..}
Values={EAP-TLS, EAP-TTLS/MSCHAPv2, 
  PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC, EAP-FAST/MSCHAPv2, EAP-FAST/GTC, EAP-MD5, 
  EAP-PSK, EAP-SIM, EAP-AKA, EAP-FAST/TLS, DMTF 
  Reserved}
MappingStrings={RFC4017.IETF, RFC2716.IETF, 
  draft-ietf-pppext-eap-ttls.IETF, draft-kamath-pppext-peapv0.IETF, 
  draft-josefsson-pppext-eap-tls-eap, RFC4851.IETF, RFC3748.IETF, RFC4764.IETF, 
  RFC4186.IETF, RFC4187.IETF}


  

  





RoamingIdentity 
public string RoamingIdentity



  
General Information:
A string presented to the authentication 
  server in 802.1x protocol exchange. The AAA server determines the format of 
  this string. Formats supported by AAA servers include: 
  <domain>\<username>, 
  <username>@<domain>.

Qualifiers:
-------------
MaxLen=80


  

  





ServerCertificateName 
public string ServerCertificateName



  
General Information:
The name that shall be compared against the 
  subject name field in the certificate provided by the AAA server. Shall 
  contain either the fully qualified domain name of the AAA server, in which 
  case ServerCertificateNameComparison shall contain "FullName", or the domain 
  suffix of the AAA server, in which case ServerCertificateNameComparison shall 
  contain 
  "DomainSuffix".

Qualifiers:
-------------
ModelCorrespondence={CIM_IEEE8021xSettings.ServerCertificateNameComparison}
MaxLen=80


  

  





ServerCertificateNameComparison 
public uint16 ServerCertificateNameComparison



  
General Information:
The comparison algorithm that shall be used 
  by the server to validate the subject name field of the certificate presented 
  by the AAA server against the value of the ServerCertificateName 
  property.

Product Specific Usage:
Should be used when 
  ServerCertificateName isn't 
  empty.

Qualifiers:
-------------
ValueMap={1, 2, 3, 
  ..}
Values={Other, FullName, DomainSuffix, DMTF 
  Reserved}
ModelCorrespondence={CIM_IEEE8021xSettings.ServerCertificateName}


  

  





Username 
public string Username



  
General Information:
Identifies the user requesting access to 
  the 
  network.

Qualifiers:
-------------
MappingStrings={RFC2716.IETF, 
  draft-ietf-pppext-eap-ttls.IETF, draft-kamath-pppext-peapv0.IETF, 
  draft-josefsson-pppext-eap-tls-eap, RFC4851.IETF, RFC3748.IETF, RFC4764.IETF, 
  RFC4186.IETF, RFC4187.IETF}
MaxLen=128


  

  





Password 
public string Password



  
General Information:
A password associated with the user 
  identified by Username within Domain.

Product Specific 
  Usage:
The property is write-only (due to security 
  issue)

Qualifiers:
-------------
MappingStrings={draft-ietf-pppext-eap-ttls.IETF, 
  draft-kamath-pppext-peapv0.IETF, draft-josefsson-pppext-eap-tls-eap, 
  RFC4851.IETF, RFC3748.IETF}
MaxLen=256


  

  





Domain 
public string Domain



  
General Information:
The domain (also known as realm) within 
  which Username is 
  unique.

Qualifiers:
-------------
MappingStrings={draft-ietf-pppext-eap-ttls.IETF, 
  draft-kamath-pppext-peapv0.IETF, draft-josefsson-pppext-eap-tls-eap, 
  RFC4851.IETF, RFC3748.IETF, RFC4764.IETF, RFC4186.IETF, 
  RFC4187.IETF}
MaxLen=256


  

  





ProtectedAccessCredential 
public uint8[256] ProtectedAccessCredential



  
General Information:
A credential used by the supplicant and AAA 
  server to establish a mutually authenticated encrypted tunnel for confidential 
  user authentication.

Product Specific Usage:
The property is 
  write-only (due to security 
  issue)

Qualifiers:
-------------
OctetString
MappingStrings={RFC4851.IETF}


  

  





PACPassword 
public string PACPassword



  
General Information:
Optional password to extract the PAC 
  (Protected Access Credential) information from the PAC data.

Product 
  Specific Usage:
The property is write-only (due to security 
  issue)

Qualifiers:
-------------
MappingStrings={RFC4851.IETF}
MaxLen=256


  

  





PSK 
public uint8[256] PSK



  
General Information:
A pre-shared key used for pre-shared key 
  EAP types such as EAP-PSK, EAP-SIM, and EAP-AKA.

Product Specific 
  Usage:
The property is write-only (due to security 
  issue)

Qualifiers:
-------------
OctetString
MappingStrings={RFC4764.IETF, 
  RFC4186.IETF, RFC4187.IETF}


  

  






  
  

    Method 
Detail


Get
public  Get([OUT]CIM_IEEE8021xSettings Instance)



  
Permission Information:
Permitted realms: 
  ADMIN_SECURITY_ADMINISTRATION_REALM, 
  ADMIN_SECURITY_GENERAL_INFO_REALM

General Information:
Gets 
  the representation of the instance





Pull
public  Pull([IN]String EnumerationContext, [IN]String MaxElements)



  
Permission Information:
All users permitted to use method, only 
  instances to whom the user has permissions will be returned

General 
  Information:
Pulls instances of this class, following an Enumerate 
  operation





Enumerate
public  Enumerate()



  
Permission Information:
All users permitted to use 
  method

General Information:
Enumerates the instances of this 
  class





Release
public  Release([IN]String EnumerationContext)



  
Permission Information:
All users permitted to use 
  method

General Information:
Releases an enumeration 
  context






  
  

    SUMMARY: NESTED | FIELD | METHOD
  

  

    DETAIL: FIELD | METHOD



  
  

    
      
Copyright © 2006-2022, Intel 
      Corporation. All rights 
reserved.