SUMMARY: NESTED | FIELD | | METHOD
DETAIL: FIELD | METHOD

Class CIM_Role

Used in features: Role Based
Compatible with the following Intel AMT Releases: 3.2, 4.0, 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0 
CIM_ManagedElement
   extended by CIM_Collection
      extended by CIM_Role


class CIM_Role
 extends CIM_Collection


General Information:
The Role object class is used to represent a 
position or set of responsibilities within an organization, organizational unit 
or other scope, and MAY be filled by a person or persons (or non-human entities 
represented by ManagedSystemElement subclasses) - i.e., the 'role occupants'. 
The latter MAY be explicitly associated to a Role, by associating Identities 
using MemberOfCollection. The 'position or set of responsibilities' of a Role 
are represented as a set of rights defined by instances of the Privilege class, 
and are also associated to the Role via MemberOfCollection. If Identities are 
not explicitly associated, instances of AuthorizationRule MUST be associated 
with a Role using AuthorizationRuleAppliesToRole. The rule defines how subject 
entities are authorized for a Role and to which target entities the Role 
applies. 

The Role class is defined so as to incorporate commonly-used 
LDAP attributes to permit implementations to easily derive this information from 
LDAP-accessible directories. This class's properties are a subset of a related 
class, OtherRoleInformation, which defines all the group properties and uses 
arrays for directory compatibility.

Product Specific Usage:
For 
every user in the system there is an instance of this class. It represents the 
user's role in the system. 
It's associated with a matching instance of 
CIM_Privilege by CIM_MemberOfCollection association. 
For digest users, it's 
associated with matching CIM_Identity instance by both CIM_MemberOfCollection 
and CIM_ConcreteDependency. 
For kerberos users, it's associated with a 
matching CIM_RemoteIdentity instance by both CIM_MemberOfCollection and 
CIM_ConcreteDependency.

Qualifiers:
-------------
Version=2.18.0
UMLPackagePath=CIM::User::Role









  
  

    Supported Fields 
      Summary

  

     string 
      
    ElementName 
A 
      user-friendly name for the object . . .

  

     string 
      
    CreationClassName Key  
CreationClassName indicates the name 
      of the class or the subclass used in the creation of an instance . . 
    .

  

     string 
      
    Name Key  
The Name property defines the label by which the 
      object is known . . .

  

     string 
      
    CommonName 
A Common 
      Name is a (possibly ambiguous) name by which the role is commonly known in 
      some limited scope (such as an organization) and conforms to the naming 
      conventions of the country or culture with which it is associated.

  

     uint16[2] 
      
    RoleCharacteristics 
      
RoleCharacteristics provides descriptive information about the 
      intended usage of the Role. When the value 2 "Static" is specified, no 
      modification to the role shall be allowed . . 
.




  
  

    Methods Summary

  

     
    Get(Instance) 
Gets the 
      representation of the instance

  

     
    Pull(EnumerationContext, 
      MaxElements) 
Pulls instances of this class, following an 
      Enumerate operation

  

     
    Enumerate() 
      
Enumerates the instances of this class

  

     
    Release(EnumerationContext) 
      
Releases an enumeration context




  
  

    Field 
Detail


ElementName 
public string ElementName



  
General Information:
A user-friendly name for the object. This 
  property allows each instance to define a user-friendly name in addition to 
  its key properties, identity data, and description information. 
Note that 
  the Name property of ManagedSystemElement is also defined as a user-friendly 
  name. But, it is often subclassed to be a Key. It is not reasonable that the 
  same property can convey both identity and a user-friendly name, without 
  inconsistencies. Where Name exists and is not a Key (such as for instances of 
  LogicalDevice), the same information can be present in both the Name and 
  ElementName properties. Note that if there is an associated instance of 
  CIM_EnabledLogicalElementCapabilities, restrictions on this properties may 
  exist as defined in ElementNameMask and MaxElementNameLen properties defined 
  in that class.

Product Specific Usage:
'ElementName' field 
  format is 'Intel(r) AMT:<userID>', depending on the user. 
An 
  exception is the 'admin' built-in user, where the 'ElementName' of the 
  corresponding CIM_Role instance will be 'Administrator' (with capital 
  'A').

Qualifiers:
-------------
MaxLen=64


  

  





CreationClassName Key 
public string CreationClassName



  
General Information:
CreationClassName indicates the name of the 
  class or the subclass used in the creation of an instance. When used with the 
  other key properties of this class, this property allows all instances of this 
  class and its subclasses to be uniquely identified.

Product Specific 
  Usage:
In Intel AMT Release 6.0 and later releases value is 
  "CIM_Role"

Qualifiers:
-------------
Key
MaxLen=12


  

  





Name Key 
public string Name



  
General Information:
The Name property defines the label by 
  which the object is known. In the case of an LDAP-derived instance, the Name 
  property value may be set to the distinguished name of the LDAP-accessed 
  object instance.

Product Specific Usage:
'Name' field format 
  is 'Intel(r) AMT:<userID>', depending on the user. 
An exception is 
  the 'admin' built-in user, where the 'Name' of the corresponding CIM_Role 
  instance will be 'Administrator' (with capital 
  'A').

Qualifiers:
-------------
Key
MaxLen=64


  

  





CommonName 
public string CommonName



  
General Information:
A Common Name is a (possibly ambiguous) 
  name by which the role is commonly known in some limited scope (such as an 
  organization) and conforms to the naming conventions of the country or culture 
  with which it is associated.

Product Specific 
  Usage:
Additional Notes: 
1) In Intel AMT Release 5.1 and later 
  releases, 'CommonName' format changed  from '<user name> Role' to: 
  
- For digest (non-kerberos) users: 'Intel(r) AMT:<user name>'. 
  
An exception is the 'admin' built-in user, where the 'CommonName' of the 
  corresponding CIM_Role instance will be 'Intel(r) AMT:Administrator' (with 
  capital 'A'). 
- For kerberos users, format is 'Intel(r) AMT:RemoteID 
  <user name> Role' 

2) in Intel AMT Release 6.1 and later 
  releases, the 'CommonName' format for kerberos users changed from '<user 
  name> Role'  to 'Intel(r) AMT:RemoteID <user name>'. 
  


Qualifiers:
-------------
Required
MaxLen=256


  

  





RoleCharacteristics 
public uint16[2] RoleCharacteristics



  
General Information:
RoleCharacteristics provides descriptive 
  information about the intended usage of the Role.
When the value 2 "Static" 
  is specified, no modification to the role shall be allowed. Any requests by 
  client to change the privileges or the scope of the role by modifying the 
  associated instances of CIM_Privilege or referencing associations shall 
  fail.
When the value 2 "Static" is not specified, the instance of CIM_Role 
  may be modified by a client. The modification may include changing the scope 
  of the role or rights granted. When the value 3 "Opaque" is specified, the 
  rights granted by the CIM_Role instance shall not be explicitly modeled 
  through aggregation of instances of CIM_Privilege.
When the value 3 
  "Opaque" is not specified, the rights granted by the instance of CIM_Role 
  shall be explicitly modeled through aggregation of instances of 
  CIM_Privilege.

Qualifiers:
-------------
ValueMap={2, 3, 
  .., 32000..65535}
Values={Static, Opaque, DMTF Reserved, Vendor 
  Specific}


  

  






  
  

    Method 
Detail


Get
public  Get([OUT]CIM_Role Instance)



  
Permission Information:
This method is accessible from any 
  realm

General Information:
Gets the representation of the 
  instance

Product Specific Usage:
Additional Notes: 
1) 
  'Get' in Intel AMT Release 3.2 until release 5.1 is permitted only to 
  'ADMIN_SECURITY_ADMINISTRATION_REALM' and 
  'ADMIN_SECURITY_USER_ACCESS_CONTROL_REALM' 
2) 'Get' in Intel AMT Release 
  6.0 and later releases is permitted to all realms.





Pull
public  Pull([IN]String EnumerationContext, [IN]String MaxElements)



  
Permission Information:
All users permitted to use method, only 
  instances to whom the user has permissions will be returned

General 
  Information:
Pulls instances of this class, following an Enumerate 
  operation





Enumerate
public  Enumerate()



  
Permission Information:
All users permitted to use 
  method

General Information:
Enumerates the instances of this 
  class





Release
public  Release([IN]String EnumerationContext)



  
Permission Information:
All users permitted to use 
  method

General Information:
Releases an enumeration 
  context






  
  

    SUMMARY: NESTED | FIELD | METHOD
  

  

    DETAIL: FIELD | METHOD



  
  

    
      
Copyright © 2006-2022, Intel 
      Corporation. All rights 
reserved.