WS-Management > WS-Management Class Reference > CIM Classes > CIM_PrivilegeManagementService

Class CIM_PrivilegeManagementService

CIM_ManagedElement
   extended by CIM_ManagedSystemElement
      extended by CIM_LogicalElement
         extended by CIM_EnabledLogicalElement
            extended by CIM_Service
               extended by CIM_SecurityService
                  extended by CIM_AuthorizationService
                     extended by CIM_PrivilegeManagementService

Known Subclasses:
CIM_RoleBasedAuthorizationService

class CIM_PrivilegeManagementService
extends CIM_AuthorizationService

General Information:
The PrivilegeManagementService is responsible for creating, deleting, and associating AuthorizedPrivilege instances. References to 'subject' and 'target' define the entities that are associated with an AuthorizedPrivilege instance via the relationships, AuthorizedSubject and AuthorizedTarget, respectively. When created, an AuthorizedPrivilege instance is related to this (PrivilegeManagement)Service via the association, ConcreteDependency.

Qualifiers:
-------------
Version=2.20.0
UMLPackagePath=CIM::User::PrivilegeManagementService


Supported Fields Summary
 boolean Started
Started is a Boolean that indicates whether the Service has been started (TRUE), or stopped (FALSE).
 string StartMode
Note: The use of this element is deprecated in lieu of the EnabledDefault property that is inherited from EnabledLogicalElement . . .
 string PrimaryOwnerContact
A string that provides information on how the primary owner of the Service can be reached (for example, phone number, e-mail address, and so on).
 string PrimaryOwnerName
The name of the primary owner for the service, if one is defined . . .
 string Name Key
The Name property uniquely identifies the Service and provides an indication of the functionality that is managed . . .
 string CreationClassName Key
CreationClassName indicates the name of the class or the subclass that is used in the creation of an instance . . .
 string SystemName Key
The Name of the scoping System.
 string SystemCreationClassName Key
The CreationClassName of the scoping System.
 string ElementName
A user-friendly name for the object . . .
 string Description
The Description property provides a textual description of the object.
 string Caption
The Caption property is a short textual description (one- line string) of the object.
 datetime InstallDate
A datetime value that indicates when the object was installed . . .
 uint16[] OperationalStatus
Indicates the current statuses of the element . . .
 string[] StatusDescriptions
Strings describing the various OperationalStatus array values . . .
 string Status
A string indicating the current status of the object . . .
 uint16 HealthState
Indicates the current health of the element . . .
 uint16 EnabledState
EnabledState is an integer enumeration that indicates the enabled and disabled states of an element . . .
 string OtherEnabledState
A string that describes the enabled or disabled state of the element when the EnabledState property is set to 1 ("Other") . . .
 uint16 RequestedState
RequestedState is an integer enumeration that indicates the last requested or desired state for the element, irrespective of the mechanism through which it was requested . . .
 uint16 EnabledDefault
An enumerated value indicating an administrator's default or startup configuration for the Enabled State of an element . . .
 datetime TimeOfLastStateChange
The date or time when the EnabledState of the element last changed . . .

Methods Summary
 uint32 StopService()
The StopService method places the Service in the stopped state . . .
 uint32 StartService()
The StartService method places the Service in the started state . . .
 uint32 RequestStateChange(RequestedState, REF Job, TimeoutPeriod)
Requests that the state of the element be changed to the value specified in the RequestedState parameter . . .
 uint32 AssignAccess(REF Subject, PrivilegeGranted, Activities, ActivityQualifiers, QualifierFormats, REF Target, REF Privilege)
When this method is called, a provider updates the specified Subject's rights to the Target according to the parameters of this call . . .
 uint32 RemoveAccess(REF Subject, REF Privilege, REF Target)
This method revokes a specific AuthorizedPrivilege or all privileges for a particular target, subject, or subject/target pair . . .
 uint32 ShowAccess(REF Subject, REF Target, REF OutSubjects, REF OutTargets, Privileges)
ShowAccess reports the Privileges (i.e., rights) granted to a particular Subject and/or Target pair . . .
  Create(Instance, ResourceCreated)
Creates a new instance of this class
  Put(Instance)
Changes properties of the selected instance
  Get(Instance)
Gets the representation of the instance
  Delete()
Deletes an instance
  Pull(EnumerationContext, MaxElements)
Pulls instances of this class, following an Enumerate operation
  Enumerate()
Enumerates the instances of this class
  Release(EnumerationContext)
Releases an enumeration context
  Subscribe()
Subscribes to this resource (WS-Eventing)
  Unsubscribe()
Remove subscription to this resource (WS-Eventing)

Field Detail

Started

public boolean Started
General Information:
Started is a Boolean that indicates whether the Service has been started (TRUE), or stopped (FALSE).


StartMode

public string StartMode
General Information:
Note: The use of this element is deprecated in lieu of the EnabledDefault property that is inherited from EnabledLogicalElement. The EnabledLogicalElement addresses the same semantics. The change to a uint16 data type was discussed when CIM V2.0 was defined. However, existing V1.0 implementations used the string property. To remain compatible with those implementations, StartMode was grandfathered into the schema. Use of the deprecated qualifier allows the maintenance of the existing property but also permits an improved, clarified definition using EnabledDefault.
Deprecated description: StartMode is a string value that indicates whether the Service is automatically started by a System, an Operating System, and so on, or is started only upon request.

Qualifiers:
-------------
Deprecated={CIM_Service.EnabledDefault}
ValueMap={Automatic, Manual}
MaxLen=10


PrimaryOwnerContact

public string PrimaryOwnerContact
General Information:
A string that provides information on how the primary owner of the Service can be reached (for example, phone number, e-mail address, and so on).

Qualifiers:
-------------
Write
MaxLen=256
MappingStrings={MIF.DMTF|General Information|001.4}


PrimaryOwnerName

public string PrimaryOwnerName
General Information:
The name of the primary owner for the service, if one is defined. The primary owner is the initial support contact for the Service.

Qualifiers:
-------------
Write
MaxLen=64
MappingStrings={MIF.DMTF|General Information|001.3}


Name Key

public string Name
General Information:
The Name property uniquely identifies the Service and provides an indication of the functionality that is managed. This functionality is described in more detail in the Description property of the object.

Qualifiers:
-------------
Key
Override=Name
MaxLen=256


CreationClassName Key

public string CreationClassName
General Information:
CreationClassName indicates the name of the class or the subclass that is used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified.

Qualifiers:
-------------
Key
MaxLen=256


SystemName Key

public string SystemName
General Information:
The Name of the scoping System.

Qualifiers:
-------------
Key
MaxLen=256
Propagated=CIM_System.Name


SystemCreationClassName Key

public string SystemCreationClassName
General Information:
The CreationClassName of the scoping System.

Qualifiers:
-------------
Key
MaxLen=256
Propagated=CIM_System.CreationClassName


ElementName

public string ElementName
General Information:
A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties, identity data, and description information.
Note that the Name property of ManagedSystemElement is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user-friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information can be present in both the Name and ElementName properties. Note that if there is an associated instance of CIM_EnabledLogicalElementCapabilities, restrictions on this properties may exist as defined in ElementNameMask and MaxElementNameLen properties defined in that class.

Qualifiers:
-------------
MaxLen=256


Description

public string Description
General Information:
The Description property provides a textual description of the object.

Qualifiers:
-------------
MaxLen=256


Caption

public string Caption
General Information:
The Caption property is a short textual description (one- line string) of the object.

Qualifiers:
-------------
MaxLen=64


InstallDate

public datetime InstallDate
General Information:
A datetime value that indicates when the object was installed. Lack of a value does not indicate that the object is not installed.

Qualifiers:
-------------
MappingStrings={MIF.DMTF|ComponentID|001.5}


OperationalStatus

public uint16[] OperationalStatus
General Information:
Indicates the current statuses of the element. Various operational statuses are defined. Many of the enumeration's values are self-explanatory. However, a few are not and are described here in more detail.
"Stressed" indicates that the element is functioning, but needs attention. Examples of "Stressed" states are overload, overheated, and so on.
"Predictive Failure" indicates that an element is functioning nominally but predicting a failure in the near future.
"In Service" describes an element being configured, maintained, cleaned, or otherwise administered.
"No Contact" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it.
"Lost Communication" indicates that the ManagedSystem Element is known to exist and has been contacted successfully in the past, but is currently unreachable.
"Stopped" and "Aborted" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the state and configuration of the element might need to be updated.
"Dormant" indicates that the element is inactive or quiesced.
"Supporting Entity in Error" indicates that this element might be "OK" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower-layer networking problems.
"Completed" indicates that the element has completed its operation. This value should be combined with either OK, Error, or Degraded so that a client can tell if the complete operation Completed with OK (passed), Completed with Error (failed), or Completed with Degraded (the operation finished, but it did not complete OK or did not report an error).
"Power Mode" indicates that the element has additional power model information contained in the Associated PowerManagementService association.
"Relocating" indicates the element is being relocated.
OperationalStatus replaces the Status property on ManagedSystemElement to provide a consistent approach to enumerations, to address implementation needs for an array property, and to provide a migration path from today's environment to the future. This change was not made earlier because it required the deprecated qualifier. Due to the widespread use of the existing Status property in management applications, it is strongly recommended that providers or instrumentation provide both the Status and OperationalStatus properties. Further, the first value of OperationalStatus should contain the primary status for the element. When instrumented, Status (because it is single-valued) should also provide the primary status of the element.

Qualifiers:
-------------
ValueMap={0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, .., 0x8000..}
Values={Unknown, Other, OK, Degraded, Stressed, Predictive Failure, Error, Non-Recoverable Error, Starting, Stopping, Stopped, In Service, No Contact, Lost Communication, Aborted, Dormant, Supporting Entity in Error, Completed, Power Mode, Relocating, DMTF Reserved, Vendor Reserved}
ArrayType=Indexed
ModelCorrespondence={CIM_ManagedSystemElement.StatusDescriptions}


StatusDescriptions

public string[] StatusDescriptions
General Information:
Strings describing the various OperationalStatus array values. For example, if "Stopping" is the value assigned to OperationalStatus, then this property may contain an explanation as to why an object is being stopped. Note that entries in this array are correlated with those at the same array index in OperationalStatus.

Qualifiers:
-------------
ArrayType=Indexed
ModelCorrespondence={CIM_ManagedSystemElement.OperationalStatus}
MaxLen=256


Status

public string Status
General Information:
A string indicating the current status of the object. Various operational and non-operational statuses are defined. This property is deprecated in lieu of OperationalStatus, which includes the same semantics in its enumeration. This change is made for 3 reasons:
1) Status is more correctly defined as an array. This definition overcomes the limitation of describing status using a single value, when it is really a multi-valued property (for example, an element might be OK AND Stopped.
2) A MaxLen of 10 is too restrictive and leads to unclear enumerated values.
3) The change to a uint16 data type was discussed when CIM V2.0 was defined. However, existing V1.0 implementations used the string property and did not want to modify their code. Therefore, Status was grandfathered into the Schema. Use of the deprecated qualifier allows the maintenance of the existing property, but also permits an improved definition using OperationalStatus.

Qualifiers:
-------------
Deprecated={CIM_ManagedSystemElement.OperationalStatus}
ValueMap={OK, Error, Degraded, Unknown, Pred Fail, Starting, Stopping, Service, Stressed, NonRecover, No Contact, Lost Comm, Stopped}
MaxLen=10


HealthState

public uint16 HealthState
General Information:
Indicates the current health of the element. This attribute expresses the health of this element but not necessarily that of its subcomponents. The possible values are 0 to 30, where 5 means the element is entirely healthy and 30 means the element is completely non-functional. The following continuum is defined:
"Non-recoverable Error" (30) - The element has completely failed, and recovery is not possible. All functionality provided by this element has been lost.
"Critical Failure" (25) - The element is non-functional and recovery might not be possible.
"Major Failure" (20) - The element is failing. It is possible that some or all of the functionality of this component is degraded or not working.
"Minor Failure" (15) - All functionality is available but some might be degraded.
"Degraded/Warning" (10) - The element is in working order and all functionality is provided. However, the element is not working to the best of its abilities. For example, the element might not be operating at optimal performance or it might be reporting recoverable errors.
"OK" (5) - The element is fully functional and is operating within normal operational parameters and without error.
"Unknown" (0) - The implementation cannot report on HealthState at this time.
DMTF has reserved the unused portion of the continuum for additional HealthStates in the future.

Qualifiers:
-------------
ValueMap={0, 5, 10, 15, 20, 25, 30, .., 32768..65535}
Values={Unknown, OK, Degraded/Warning, Minor failure, Major failure, Critical failure, Non-recoverable error, DMTF Reserved, Vendor Specific}


EnabledState

public uint16 EnabledState
General Information:
EnabledState is an integer enumeration that indicates the enabled and disabled states of an element. It can also indicate the transitions between these requested states. For example, shutting down (value=4) and starting (value=10) are transient states between enabled and disabled. The following text briefly summarizes the various enabled and disabled states:
Enabled (2) indicates that the element is or could be executing commands, will process any queued commands, and queues new requests.
Disabled (3) indicates that the element will not execute commands and will drop any new requests.
Shutting Down (4) indicates that the element is in the process of going to a Disabled state.
Not Applicable (5) indicates the element does not support being enabled or disabled.
Enabled but Offline (6) indicates that the element might be completing commands, and will drop any new requests.
Test (7) indicates that the element is in a test state.
Deferred (8) indicates that the element might be completing commands, but will queue any new requests.
Quiesce (9) indicates that the element is enabled but in a restricted mode.
Starting (10) indicates that the element is in the process of going to an Enabled state. New requests are queued.

Qualifiers:
-------------
ValueMap={0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11..32767, 32768..65535}
Values={Unknown, Other, Enabled, Disabled, Shutting Down, Not Applicable, Enabled but Offline, In Test, Deferred, Quiesce, Starting, DMTF Reserved, Vendor Reserved}
ModelCorrespondence={CIM_EnabledLogicalElement.OtherEnabledState}


OtherEnabledState

public string OtherEnabledState
General Information:
A string that describes the enabled or disabled state of the element when the EnabledState property is set to 1 ("Other"). This property must be set to null when EnabledState is any value other than 1.

Qualifiers:
-------------
ModelCorrespondence={CIM_EnabledLogicalElement.EnabledState}
MaxLen=256


RequestedState

public uint16 RequestedState
General Information:
RequestedState is an integer enumeration that indicates the last requested or desired state for the element, irrespective of the mechanism through which it was requested. The actual state of the element is represented by EnabledState. This property is provided to compare the last requested and current enabled or disabled states. Note that when EnabledState is set to 5 ("Not Applicable"), then this property has no meaning. Refer to the EnabledState property description for explanations of the values in the RequestedState enumeration.
"Unknown" (0) indicates the last requested state for the element is unknown.
Note that the value "No Change" (5) has been deprecated in lieu of indicating the last requested state is "Unknown" (0). If the last requested or desired state is unknown, RequestedState should have the value "Unknown" (0), but may have the value "No Change" (5).Offline (6) indicates that the element has been requested to transition to the Enabled but Offline EnabledState.
It should be noted that there are two new values in RequestedState that build on the statuses of EnabledState. These are "Reboot" (10) and "Reset" (11). Reboot refers to doing a "Shut Down" and then moving to an "Enabled" state. Reset indicates that the element is first "Disabled" and then "Enabled". The distinction between requesting "Shut Down" and "Disabled" should also be noted. Shut Down requests an orderly transition to the Disabled state, and might involve removing power, to completely erase any existing state. The Disabled state requests an immediate disabling of the element, such that it will not execute or accept any commands or processing requests.

This property is set as the result of a method invocation (such as Start or StopService on CIM_Service), or can be overridden and defined as WRITEable in a subclass. The method approach is considered superior to a WRITEable property, because it allows an explicit invocation of the operation and the return of a result code.

If knowledge of the last RequestedState is not supported for the EnabledLogicalElement, the property shall be NULL or have the value 12 "Not Applicable".

Qualifiers:
-------------
ValueMap={0, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, .., 32768..65535}
Values={Unknown, Enabled, Disabled, Shut Down, No Change, Offline, Test, Deferred, Quiesce, Reboot, Reset, Not Applicable, DMTF Reserved, Vendor Reserved}
ModelCorrespondence={CIM_EnabledLogicalElement.EnabledState}


EnabledDefault

public uint16 EnabledDefault
General Information:
An enumerated value indicating an administrator's default or startup configuration for the Enabled State of an element. By default, the element is "Enabled" (value=2).

Qualifiers:
-------------
Write
ValueMap={2, 3, 5, 6, 7, 9, .., 32768..65535}
Values={Enabled, Disabled, Not Applicable, Enabled but Offline, No Default, Quiesce, DMTF Reserved, Vendor Reserved}


TimeOfLastStateChange

public datetime TimeOfLastStateChange
General Information:
The date or time when the EnabledState of the element last changed. If the state of the element has not changed and this property is populated, then it must be set to a 0 interval value. If a state change was requested, but rejected or not yet processed, the property must not be updated.


Method Detail

StopService

public uint32 StopService()
Permission Information:
No permissions defined

General Information:
The StopService method places the Service in the stopped state. Note that the function of this method overlaps with the RequestedState property. RequestedState was added to the model to maintain a record (such as a persisted value) of the last state request. Invoking the StopService method should set the RequestedState property appropriately. The method returns an integer value of 0 if the Service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error. In a subclass, the set of possible return codes could be specified using a ValueMap qualifier on the method. The strings to which the ValueMap contents are translated can also be specified in the subclass as a Values array qualifier.

Note: The semantics of this method overlap with the RequestStateChange method that is inherited from EnabledLogicalElement. This method is maintained because it has been widely implemented, and its simple "stop" semantics are convenient to use.

StartService

public uint32 StartService()
Permission Information:
No permissions defined

General Information:
The StartService method places the Service in the started state. Note that the function of this method overlaps with the RequestedState property. RequestedState was added to the model to maintain a record (such as a persisted value) of the last state request. Invoking the StartService method should set the RequestedState property appropriately. The method returns an integer value of 0 if the Service was successfully started, 1 if the request is not supported, and any other number to indicate an error. In a subclass, the set of possible return codes could be specified using a ValueMap qualifier on the method. The strings to which the ValueMap contents are translated can also be specified in the subclass as a Values array qualifier.

Note: The semantics of this method overlap with the RequestStateChange method that is inherited from EnabledLogicalElement. This method is maintained because it has been widely implemented, and its simple "start" semantics are convenient to use.

RequestStateChange

public uint32 RequestStateChange([IN]uint16 RequestedState, [OUT]REF CIM_ConcreteJob Job, [IN]datetime TimeoutPeriod)
Permission Information:
No permissions defined

General Information:
Requests that the state of the element be changed to the value specified in the RequestedState parameter. When the requested state change takes place, the EnabledState and RequestedState of the element will be the same. Invoking the RequestStateChange method multiple times could result in earlier requests being overwritten or lost.
A return code of 0 shall indicate the state change was successfully initiated.
A return code of 3 shall indicate that the state transition cannot complete within the interval specified by the TimeoutPeriod parameter.
A return code of 4096 (0x1000) shall indicate the state change was successfully initiated, a ConcreteJob has been created, and its reference returned in the output parameter Job. Any other return code indicates an error condition.

Qualifiers:
-------------
ValueMap={0, 1, 2, 3, 4, 5, 6, .., 4096, 4097, 4098, 4099, 4100..32767, 32768..65535}
Values={Completed with No Error, Not Supported, Unknown or Unspecified Error, Cannot complete within Timeout Period, Failed, Invalid Parameter, In Use, DMTF Reserved, Method Parameters Checked - Job Started, Invalid State Transition, Use of Timeout Parameter Not Supported, Busy, Method Reserved, Vendor Specific}
ModelCorrespondence={CIM_EnabledLogicalElement.RequestedState}


Parameters:
--------------
RequestedState
General Information:
The state requested for the element. This information will be placed into the RequestedState property of the instance if the return code of the RequestStateChange method is 0 ('Completed with No Error'), or 4096 (0x1000) ('Job Started'). Refer to the description of the EnabledState and RequestedState properties for the detailed explanations of the RequestedState values.

Qualifiers:
-------------
IN
ValueMap={2, 3, 4, 6, 7, 8, 9, 10, 11, .., 32768..65535}
Values={Enabled, Disabled, Shut Down, Offline, Test, Defer, Quiesce, Reboot, Reset, DMTF Reserved, Vendor Reserved}
ModelCorrespondence={CIM_EnabledLogicalElement.RequestedState}

Job
General Information:
May contain a reference to the ConcreteJob created to track the state transition initiated by the method invocation.

Qualifiers:
-------------
IN=false
OUT

TimeoutPeriod
General Information:
A timeout period that specifies the maximum amount of time that the client expects the transition to the new state to take. The interval format must be used to specify the TimeoutPeriod. A value of 0 or a null parameter indicates that the client has no time requirements for the transition.
If this property does not contain 0 or null and the implementation does not support this parameter, a return code of 'Use Of Timeout Parameter Not Supported' shall be returned.

Qualifiers:
-------------
IN



AssignAccess

public uint32 AssignAccess([IN]REF CIM_ManagedElement Subject, [IN]boolean PrivilegeGranted, [IN]uint16 Activities[], [IN]string ActivityQualifiers[], [IN]uint16 QualifierFormats[], [IN]REF CIM_ManagedElement Target, [IN][OUT]REF CIM_AuthorizedPrivilege Privilege)
Permission Information:
No permissions defined

General Information:
When this method is called, a provider updates the specified Subject's rights to the Target according to the parameters of this call. The rights are modeled via an AuthorizedPrivilege instance. If an AuthorizedPrivilege instance is created as a result of this call, it MUST be linked to the Subject and Target via the AuthorizedSubject and AuthorizedTarget associations, respectively. When created, the AuthorizedPrivilege instance is associated to this PrivilegeManagementService via ConcreteDependency. If the execution of this call results in no rights between the Subject and Target, then they MUST NOT be linked to a particular AuthorizedPrivilege instance via AuthorizedSubject and AuthorizedTarget respectively.

Note that regardless of whether specified via parameter, or template, the Activities, ActivityQualifiers and QualifierFormats, are mutually indexed. Also note that Subject and Target references MUST be supplied.

The successful completion of the method SHALL create any necessary AuthorizedSubject, AuthorizedTarget, AuthorizedPrivilege, HostedDependency, and ConcreteDependency instances.

Qualifiers:
-------------
ValueMap={0, 1, 2, 3, 4, 5, 6..15999, 16000, 16001, 16002, 16003, 16004, 16005..31999, 32000..65535}
Values={Success, Not Supported, Unspecified Error, Timeout, Failed, Invalid Parameter, DMTF Reserved, Unsupported Subject, Unsupported Privilege, Unsupported Target, Authorization Error, NULL not supported, Method Reserved, Vendor Specific}


Parameters:
--------------
Subject
General Information:
The Subject parameter is a reference to a ManagedElement instance. This parameter MUST be supplied.

Qualifiers:
-------------
Required
IN

PrivilegeGranted
General Information:
MUST be NULL unless Privilege is NULL on input. The PrivilegeGranted flag indicates whether the rights defined by the parameters in this call should be granted or denied to the named Subject/Target pair.

Qualifiers:
-------------
IN
ModelCorrespondence={CIM_AuthorizedPrivilege.PrivilegeGranted, CIM_PrivilegeManagementService.AssignAccess.Privilege}

Activities
General Information:
MUST be NULL unless the Privilege is NULL on input. This parameter specifies the activities to be granted or denied.

Qualifiers:
-------------
IN
ValueMap={1, 2, 3, 4, 5, 6, 7, .., 16000..65535}
Values={Other, Create, Delete, Detect, Read, Write, Execute, DMTF Reserved, Vendor Reserved}
ArrayType=Indexed
ModelCorrespondence={CIM_AuthorizedPrivilege.Activities, CIM_PrivilegeManagementService.AssignAccess.Privilege}

ActivityQualifiers
General Information:
MUST be NULL unless Privilege is NULL on input. This parameter defines the activity qualifiers for the Activities to be granted or denied.

Qualifiers:
-------------
IN
ArrayType=Indexed
ModelCorrespondence={CIM_AuthorizedPrivilege.ActivityQualifers, CIM_PrivilegeManagementService.AssignAccess.Privilege}

QualifierFormats
General Information:
MUST be NULL unless Privilege is NULL on input. This parameter defines the qualifier formats for the corresponding ActivityQualifiers.

Qualifiers:
-------------
IN
ValueMap={2, 3, 4, 5, 6, 7, 8, 9, 10..15999, 16000..65535}
Values={Class Name, <Class.>Property, <Class.>Method, Object Reference, Namespace, URL, Directory/File Name, Command Line Instruction, DMTF Reserved, Vendor Reserved}
ArrayType=Indexed
ModelCorrespondence={CIM_AuthorizedPrivilege.QualifierFormats, CIM_PrivilegeManagementService.AssignAccess.Privilege}

Target
General Information:
The Target parameter is a reference to an instance of ManagedElement. This parameter MUST be supplied.

Qualifiers:
-------------
Required
IN

Privilege
General Information:
On input, this reference MUST be either NULL or refer to an instance of AuthorizedPrivilege that is used as a template. The rights granted by corresponding entries in the Activities, ActivityQualifiers and QualifierFormats array properties are applied incrementally and do not affect unnamed rights. If the property, PrivilegeGranted, is false, then the named rights are removed. If PrivilegeGranted is True, then the named rights are added. (Note that the RemoveAccess method SHOULD be used to completely remove all privileges between a subject and a target. On output, this property references an AuthorizedPrivilege instance that represents the resulting rights between the named Subject and the named Target. AuthorizedPrivilege instances used as a templates in this property SHOULD have a HostedDependency association to the PriviligeManagementService and SHOULD NOT have any AuthorizedTarget or AuthorizedSubject associations to it.

Qualifiers:
-------------
IN
OUT



RemoveAccess

public uint32 RemoveAccess([IN]REF CIM_ManagedElement Subject, [IN]REF CIM_AuthorizedPrivilege Privilege, [IN]REF CIM_ManagedElement Target)
Permission Information:
No permissions defined

General Information:
This method revokes a specific AuthorizedPrivilege or all privileges for a particular target, subject, or subject/target pair. If an AuthorizedPrivilege instance is left with no AuthorizedTarget associations, it SHOULD be deleted. The successful completion of the method SHALL remove the directly or indirectly requested AuthorizedSubject, AuthorizedTarget and AuthorizedPrivilege instances.

Qualifiers:
-------------
ValueMap={0, 1, 2, 3, 4, 5, 6..15999, 16000, 16001, 16002, 16003, 16004..32767, 32768..65535}
Values={Success, Not Supported, Unspecified Error, Timeout, Failed, Invalid Parameter, DMTF Reserved, Unsupported Privilege, Unsupported Target, Authorization Error, Null parameter not supported, Method Reserved, Vendor Specific}


Parameters:
--------------
Subject
General Information:
The Subject parameter is a reference to a ManagedElement instance (associated via AuthorizedSubject) for which privileges are to be revoked.

Qualifiers:
-------------
IN

Privilege
General Information:
A reference to the AuthorizedPrivilege to be revoked.

Qualifiers:
-------------
IN

Target
General Information:
The Target parameter is a reference to a ManagedElement (associated via AuthorizedTarget) which will no longer be protected via the AuthorizedPrivilege.

Qualifiers:
-------------
IN



ShowAccess

public uint32 ShowAccess([IN]REF CIM_ManagedElement Subject, [IN]REF CIM_ManagedElement Target, [OUT]REF CIM_ManagedElement OutSubjects[], [OUT]REF CIM_ManagedElement OutTargets[], [OUT]string Privileges[])
Permission Information:
No permissions defined

General Information:
ShowAccess reports the Privileges (i.e., rights) granted to a particular Subject and/or Target pair. Either a Subject, a Target or both MUST be specified. In the case where only one is specified, the method will return all rights to all Targets for the specified Subject, or all rights for all subjects which apply to the specified Target.

ShowAccess returns the cumulative rights granted between the OutSubjects and OutTargets at the same array index (filtered to return the information that the requestor is authorized to view). If a specific array entry is NULL, then there exist NO rights that the requestor is authorized to view between the Subject/Target pair.

Note that the Privileges returned by this method MAY NOT correspond to what is actually instantiated in the model, and MAY be optimized for ease of reporting. Hence, the data is passed 'by value', as embedded objects. Also, note that multiple Privileges MAY be defined for a given Subject/Target pair.

Other mechanisms MAY also be used to retrieve this information. CIM Operations' EnumerateInstances MAY be used to return all Privileges currently instantiated within a namespace. Also, if the AuthorizedPrivilege subclass is instantiated, the CIM Operation Associators MAY be used to navigate from the Privilege to AuthorizedSubjects and AuthorizedTargets. These CIM Operations will not generally provide the functionality or optimizations available with ShowAccess.

Qualifiers:
-------------
ValueMap={0, 1, 2, 3, 4, 5, .., 16000, 16002, 16003, 16004, 16005..31999, 32000..65535}
Values={Success, Not Supported, Unknown, Timeout, Failed, Invalid Parameter, DMTF Reserved, Unsupported Subject, Unsupported Target, Authorization Error, NULL not supported, Method Reserved, Vendor Specific}


Parameters:
--------------
Subject
General Information:
The Subject parameter references an instance of ManagedElement. The result of this operation is that the cumulative rights of the Subject to access or define authorization rights for the Target will be reported. If no Subject is specified, then a Target MUST be supplied and ALL Subjects that have rights to access or define authorizations for the Target will be reported. (It should be noted that the information reported MUST be filtered by the rights of the requestor to view that data.) If the Subject element is a Collection, then the operation will specifically report the Privileges for all elements associated to the Collection via MemberOfCollection. These elements will be reported individually in the returned OutSubjects array.

Qualifiers:
-------------
IN
ModelCorrespondence={CIM_PrivilegeManagementService.ShowAccess.Target}

Target
General Information:
The Target parameter references an instance of ManagedElement. The result of this operation is that the cumulative rights of the Subject to access or define authorization rights for the Target will be reported. If no Target is specified, then a Subject MUST be supplied and ALL Targets for which that the Subject has rights to access or define authorization will be reported. (It should be noted that the information reported MUST be filtered by the rights of the requestor to view that data.) If the Target element is a Collection, then the operation will be applied to all elements associated to the Collection via MemberOfCollection. These elements will be reported individually in the returned OutTargets array.

Qualifiers:
-------------
IN
ModelCorrespondence={CIM_PrivilegeManagementService.ShowAccess.Subject}

OutSubjects
General Information:
The array of Subject REFs corresponding to the individual Privileges and OutTargets arrays. The resulting OutSubjects, Privileges and OutTargets arrays define the cumulative rights granted between the Subject/Target at the corresponding index (filtered to return the information that the requestor is authorized to view).

Qualifiers:
-------------
IN=false
OUT
ArrayType=Indexed
ModelCorrespondence={CIM_PrivilegeManagementService.ShowAccess.Subject, CIM_PrivilegeManagementService.ShowAccess.Privileges, CIM_PrivilegeManagementService.ShowAccess.OutTargets}

OutTargets
General Information:
The array of Target REFs corresponding to the individual Privileges and OutSubjects arrays. The resulting OutSubjects, Privileges and OutTargets arrays define the cumulative rights granted between the Subject/Target at the corresponding index (filtered to return the information that the requestor is authorized to view).

Qualifiers:
-------------
IN=false
OUT
ArrayType=Indexed
ModelCorrespondence={CIM_PrivilegeManagementService.ShowAccess.Target, CIM_PrivilegeManagementService.ShowAccess.Privileges, CIM_PrivilegeManagementService.ShowAccess.OutSubjects}

Privileges
General Information:
The returned Privilege objects represent the cumulative rights granted between the OutSubjects and OutTargets at the same array index (filtered to return the information that the requestor is authorized to view). If a specific array entry is NULL, then there exist NO rights that the requestor is authorized to view between the Subject/Target pair.

Qualifiers:
-------------
IN=false
OUT
EmbeddedObject
ArrayType=Indexed
ModelCorrespondence={CIM_PrivilegeManagementService.ShowAccess.OutTargets, CIM_PrivilegeManagementService.ShowAccess.OutSubjects}



Create

public  Create([IN]CIM_PrivilegeManagementService Instance, [OUT] REF CIM_PrivilegeManagementService ResourceCreated)
Permission Information:
No permissions defined

General Information:
Creates a new instance of this class

Product Specific Usage:
The following properties must be included in any representation of CIM_PrivilegeManagementService:

Name
CreationClassName
SystemName
SystemCreationClassName


Put

public  Put([IN]CIM_PrivilegeManagementService Instance)
Permission Information:
No permissions defined

General Information:
Changes properties of the selected instance

Product Specific Usage:
The following properties must be included in any representation of CIM_PrivilegeManagementService:

Name
CreationClassName
SystemName
SystemCreationClassName


Get

public  Get([OUT]CIM_PrivilegeManagementService Instance)
Permission Information:
No permissions defined

General Information:
Gets the representation of the instance

Delete

public  Delete()
Permission Information:
No permissions defined

General Information:
Deletes an instance

Pull

public  Pull([IN]String EnumerationContext, [IN]String MaxElements)
Permission Information:
All users permitted to use method, only instances to whom the user has permissions will be returned

General Information:
Pulls instances of this class, following an Enumerate operation

Enumerate

public  Enumerate()
Permission Information:
All users permitted to use method

General Information:
Enumerates the instances of this class

Release

public  Release([IN]String EnumerationContext)
Permission Information:
All users permitted to use method

General Information:
Releases an enumeration context

Subscribe

public  Subscribe()
Permission Information:
No permissions defined

General Information:
Subscribes to this resource (WS-Eventing)

Unsubscribe

public  Unsubscribe()
Permission Information:
No permissions defined

General Information:
Remove subscription to this resource (WS-Eventing)

Copyright © 2006-2022, Intel Corporation. All rights reserved.