| SUMMARY: NESTED | FIELD | | METHOD |
| DETAIL: FIELD | METHOD |
Class CIM_RoleBasedManagementCapabilities
Used in features: Role BasedCompatible with the following Intel AMT Releases: 3.2, 4.0, 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0
CIM_ManagedElementCIM_Capabilities
- extends CIM_PrivilegeManagementCapabilities
class CIM_RoleBasedManagementCapabilities
General Information:
A subclass that extends the capabilities of
the
CIM_RoleBasedAuthorizationService.
Qualifiers:
-------------
Version=2.18.0
UMLPackagePath=CIM::User::Privilege
| Supported Fields Summary | |
|---|---|
uint16[25]
|
QualifierFormatsSupported
Defines the semantics of corresponding entries in the ActivityQualifierSupported array . . . |
string[25]
|
ActivityQualifiersSupported
The ActivityQualifiersSupported property is an array of string values used to further qualify and specify the supported activities of privileges . . . |
uint16[25]
|
ActivitiesSupported
A super set of activities that could be granted or denied to a role or an identity by the associated privileges . . . |
boolean
|
SharedPrivilegeSupported
Set to TRUE if this PrivilegeManagementService supports association of multiple subjects or targets to a particular Privilege . . . |
string
|
InstanceID Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class . . . |
string
|
ElementName The user friendly name for this instance of Capabilities . . . |
uint16[2]
|
SupportedMethods
The enumeration values "ChangeAccess", "ShowAccess", "AssignAccess", "RevokeAccess", "CreateRole", "ModifyRole", "AssignRoles", "ShowRoles", and "DeleteRole" corresponds to support for the like-named method of the RoleBasedAuthorizationService . . . |
| Methods Summary | |
|---|---|
|
Get(Instance) Gets the representation of the instance |
|
Pull(EnumerationContext,
MaxElements) Pulls instances of this class, following an Enumerate operation |
|
Enumerate()
Enumerates the instances of this class |
|
Release(EnumerationContext)
Releases an enumeration context |
| Field Detail |
|---|
QualifierFormatsSupported
public uint16[25] QualifierFormatsSupported
- General Information:
Defines the semantics of corresponding entries in the ActivityQualifierSupported array. The QualifierSupported property of the instances of CIM_Privilege that are associated to the role or the identity MUST contain only the values enumerated in the QualifierSupported array property. Refer to the CIM_Privilege.QualifierSupported property for the detailed description of values.
Product Specific Usage:
Additional Notes:
1) 'Array Max Length' qualifier in Intel AMT Release 3.2 is '19'.
2) 'Max Length' qualifier in Intel AMT Release 6.0 and later releases is '25'. Matching array to ActivityQualifiersSupported, each entry contains the value 'Vendor Reserved" (16000)
Qualifiers:
-------------
ValueMap={2, 3, 4, 5, 6, 7, 8, 9, 10, 11, .., 16000..}
Values={Class Name, <Class.>Property, <Class.>Method, Object Reference, Namespace, URL, Directory/File Name, Command Line Instruction, SCSI Command, Packets, DMTF Reserved, Vendor Reserved}
ArrayType=Indexed
ModelCorrespondence={CIM_Privilege.ActivityQualifiers}
ActivityQualifiersSupported
public string[25] ActivityQualifiersSupported
- General Information:
The ActivityQualifiersSupported property is an array of string values used to further qualify and specify the supported activities of privileges. The ActivityQualifiers property of the instances of CIM_Privilege that are associated to the role or the identity MUST contain only the values enumerated in the ActivityQualifiersSupported array property. Details on the semantics of the individual entries in ActivityQualifiersSupported are provided by corresponding entries in the QualifierFormatsSupported array. Refer to the CIM_Privilege.ActivityQualifiers property for the detailed description of values.
Product Specific Usage:
Additional Notes:
1) 'Array Max Length' qualifier in Intel AMT Release 3.2 is '19'.
2) 'Max Length' qualifier in Intel AMT Release 3.2 is '10'.
3) 'Max Length' qualifier in Intel AMT Release 6.0 and later releases is '25'. Contains an entry for every possible realm in the system (see CIM_Privilege ActivityQualifiers documentation)
Qualifiers:
-------------
ArrayType=Indexed
ModelCorrespondence={CIM_PrivilegeManagementCapabilities.ActivitiesSupported, CIM_Privilege.QualifierFormats}
MaxLen=15
ActivitiesSupported
public uint16[25] ActivitiesSupported
- General Information:
A super set of activities that could be granted or denied to a role or an identity by the associated privileges. The Activities property of the instances of CIM_Privilege that are associated to the role or the identity MUST contain only the values enumerated in the ActivitiesSupported array property. The supported activities apply to all entities specified in the ActivityQualifiersSupported array. Refer to the CIM_Privilege.Activities property for the detailed description of values.
Product Specific Usage:
Additional Notes:
1) 'Array Max Length' qualifier in Intel AMT Release 3.2 is '19'.
2) 'Max Length' qualifier in Intel AMT Release 6.0 and later releases is '25'. Matching array to ActivityQualifiersSupported, each entry contains the value 'Execute" (7)
Qualifiers:
-------------
ValueMap={1, 2, 3, 4, 5, 6, 7, .., 16000..}
Values={Other, Create, Delete, Detect, Read, Write, Execute, DMTF Reserved, Vendor Reserved}
ArrayType=Indexed
ModelCorrespondence={CIM_PrivilegeManagementCapabilities.ActivityQualifiersSupported}
SharedPrivilegeSupported
public boolean SharedPrivilegeSupported
- General Information:
Set to TRUE if this PrivilegeManagementService supports association of multiple subjects or targets to a particular Privilege. If False, the AssignAccess method supports at most one entry each in the Subjects and Targets parameters.
Product Specific Usage:
In Intel AMT Release 6.0 and later releases value is false.
InstanceID 
public string InstanceID
- General Information:
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. In order to ensure uniqueness within the NameSpace, the value of InstanceID SHOULD be constructed using the following 'preferred' algorithm:
<OrgID>:<LocalID>
Where <OrgID> and <LocalID> are separated by a colon ':', and where <OrgID> MUST include a copyrighted, trademarked or otherwise unique name that is owned by the business entity creating/defining the InstanceID, or is a registered ID that is assigned to the business entity by a recognized global authority (This is similar to the <Schema Name>_<Class Name> structure of Schema class names.) In addition, to ensure uniqueness <OrgID> MUST NOT contain a colon (':'). When using this algorithm, the first colon to appear in InstanceID MUST appear between <OrgID> and <LocalID>.
<LocalID> is chosen by the business entity and SHOULD not be re-used to identify different underlying (real-world) elements. If the above 'preferred' algorithm is not used, the defining entity MUST assure that the resultant InstanceID is not re-used across any InstanceIDs produced by this or other providers for this instance's NameSpace.
For DMTF defined instances, the 'preferred' algorithm MUST be used with the <OrgID> set to 'CIM'.
Product Specific Usage:
In Intel AMT Release 6.0 and later releases value is "Intel(r) AMT:CIM_RoleBasedManagementCapabilities"
Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=52
ElementName
public string ElementName
- General Information:
The user friendly name for this instance of Capabilities. In addition, the user friendly name can be used as a index property for a search of query. (Note: Name does not have to be unique within a namespace.)
Product Specific Usage:
In Intel AMT Release 6.0 and later releases value is "Role-based Management Capabilities"
Qualifiers:
-------------
Required
Override=ElementName
MaxLen=40
SupportedMethods
public uint16[2] SupportedMethods
- General Information:
The enumeration values "ChangeAccess", "ShowAccess", "AssignAccess", "RevokeAccess", "CreateRole", "ModifyRole", "AssignRoles", "ShowRoles", and "DeleteRole" corresponds to support for the like-named method of the RoleBasedAuthorizationService.
The value "ModifyPrivilege" corresponds to support for directly modifying an instance of CIM_Privilege using an intrinsic operation.
Product Specific Usage:
In Intel AMT Release 6.0 and later releases value is "ModifyPrivilege"
Qualifiers:
-------------
Override=SupportedMethods
ValueMap={0, 1, 2, 3, 4, 5, 6, 7, 8, 9, .., 32768..65535}
Values={ChangeAccess, ShowAccess, AssignAccess, RevokeAccess, CreateRole, ModifyRole, AssignRoles, ShowRoles, ModifyPrivilege, DeleteRole, DMTF Reserved, Vendor Reserved}
| Method Detail |
|---|
Get
public Get([OUT]CIM_RoleBasedManagementCapabilities Instance)
- Permission Information:
This method is accessible from any realm
General Information:
Gets the representation of the instance
Product Specific Usage:
Additional Notes:
1) 'Get' in Intel AMT Release 3.2 until Release 5.1 is permitted only to 'ADMIN_SECURITY_ADMINISTRATION_REALM'.
2) 'Get' in Intel AMT Release 6.0 and later releases is permitted to all realms
Pull
public Pull([IN]String EnumerationContext, [IN]String MaxElements)
- Permission Information:
All users permitted to use method, only instances to whom the user has permissions will be returned
General Information:
Pulls instances of this class, following an Enumerate operation
Enumerate
public Enumerate()
- Permission Information:
All users permitted to use method
General Information:
Enumerates the instances of this class
Release
public Release([IN]String EnumerationContext)
- Permission Information:
All users permitted to use method
General Information:
Releases an enumeration context
| SUMMARY: NESTED | FIELD | METHOD |
| DETAIL: FIELD | METHOD |
|
Copyright © 2006-2022, Intel Corporation. All rights reserved. |