Class Hierarchy
Class Attributes
Class Qualifiers
Properties
Methods
Associations in which the class can participate
Sub Profiling Summary
CIM_RemoteIdentity --> CIM_Identity --> CIM_ManagedElement --> [top]
Class Declaration Attributes Name Value SUPERCLASS CIM_Identity NAME CIM_RemoteIdentity
Class CIM_RemoteIdentity Qualifiers Name Type Value From Class Experimental boolean true CIM_RemoteIdentity Version string 2.17.1 CIM_RemoteIdentity UMLPackagePath string CIM::User::Identity CIM_RemoteIdentity Description string An instance of RemoteIdentity is an Identity that should be used to provide a persistent representation of a security principal for which authoritative information required for mapping to users or groups is not otherwise modeled. CIM_RemoteIdentity UMLPackagePath string CIM::User::Identity CIM_Identity Description string An instance of an Identity represents a ManagedElement that acts as a security principal within the scope in which it is defined and authenticated. (Note that the Identity's scope is specified using the association, CIM_IdentityContext.) ManagedElements with Identities can be OrganizationalEntities, Services, Systems, etc. The ManagedElement 'behind' an Identity is described using the AssignedIdentity association. Within a given security context, an Identity may be imparted a level of trust, usually based on its credentials. A trust level is defined using the CIM_SecuritySensitivity class, and associated with Identity using CIM_ElementSecuritySensitivity. Whether an Identity is currently authenticated is evaluated by checking the CurrentlyAuthenticated boolean property. This property is set and cleared by the security infrastructure, and should only be readable within the management infrastructure. The conditions which must be met/authenticated in order for an Identity's CurrentlyAuthenticated Boolean to be TRUE are defined using a subclass of PolicyCondition - AuthenticationCondition. The inheritance tree for AuthenticationCondition is defined in the CIM Policy Model. Subclasses of Identity may include specific information related to a given AuthenticationService or authority (such as a security token or computer hardware port/communication details) that more specifically determine the authenticity of the Identity. An instance of Identity may be persisted even though it is not CurrentlyAuthenticated, in order to maintain static relationships to Roles, associations to accounting information, and policy data defining authentication requirements. Note however, when an Identity is not authenticated (CurrentlyAuthenticated = FALSE), then Privileges or rights SHOULD NOT be authorized. The lifetime, validity, and propagation of the Identity is dependent on a security infrastructure's policies. CIM_Identity UMLPackagePath string CIM::Core::CoreElements CIM_ManagedElement Description string ManagedElement is an abstract class that provides a common superclass (or top of the inheritance tree) for the non-association classes in the CIM Schema. CIM_ManagedElement
Properties Name Type Value Qualifiers ClassOrigin Name uint8[] Description
OctetString
ModelCorrespondenceCIM_RemoteIdentity NameFormat uint16 Description
ValueMap
Values
ModelCorrespondenceCIM_RemoteIdentity OtherNameFormat string Description
ModelCorrespondenceCIM_RemoteIdentity InstanceID string Key
DescriptionCIM_Identity CurrentlyAuthenticated boolean false Description CIM_Identity Caption string Description
MaxLenCIM_ManagedElement Description string Description CIM_ManagedElement ElementName string Description CIM_ManagedElement Property Qualifiers
Property Name Qualifiers Name Type Value From Class Description string Name is an octet string representing an identifier that can be correlated to the authoritative information. The type and format are defined by the NameFormat and OtherNameFormat properties. CIM_RemoteIdentity OctetString boolean true CIM_RemoteIdentity ModelCorrespondence string CIM_RemoteIdentity.NameFormat CIM_RemoteIdentity
Property NameFormat Qualifiers Name Type Value From Class Description string An enumeration defining the type and format of Name. * GID: A Unix Group ID, an integer encoded as an octet string. For example, the decimal value 25 results in the octet string 0x00000005 0x19. * UID: A Unix User ID, an integer encoded as an octet string. For example, the decimal value 100 results in the octet string 0x00000005 0x64. * SID: A Windows Security ID in its native binary encoding, embedded in an octet string. For example, the SID0x01020000 0x00000005 0x20000000 0x20020000 results in the octet string 0x00000014 0x01020000 0x00000005 0x20000000 0x20020000. * DN: An LDAP Distinguished Name encoded according to the ASN.1 Distinguished Encoding Rules (DER), embedded in an octet string. For example, a Distinguished Name ASN.1 DER encoding that starts with the header 0x3081DE (which represents an ASN.1 SEQUENCE 0xDE = 222 bytes in length, not including the header) results in an octet string that starts with the bytes 0x000000E5 0x3081DE. The ASN.1 Distinguished Encoding Rules are specified in X.690. * KID: A Kerberos Remote Identifier, encoded as a UTF-8 string embedded in an octet string. For example, the KID "Jane Doe" results in the octet string 0x0000000C 0x4A616E65 0x20446F65. CIM_RemoteIdentity ValueMap string [See below.] CIM_RemoteIdentity Values string Other
GID
UID
SID
DN
KID
DMTF ReservedCIM_RemoteIdentity ModelCorrespondence string CIM_RemoteIdentity.Name
CIM_RemoteIdentity.OtherNameFormatCIM_RemoteIdentity
Name Value 1 Other 2 GID 3 UID 4 SID 5 DN 6 KID .. DMTF Reserved
Property OtherNameFormat Qualifiers Name Type Value From Class Description string OtherNameFormat is a string that describes the format of the Name property when NameFormat is set to "Other" . The format of this string is vendor specific. CIM_RemoteIdentity ModelCorrespondence string CIM_RemoteIdentity.NameFormat CIM_RemoteIdentity
Property InstanceID Qualifiers Name Type Value From Class Key boolean true CIM_Identity Description string Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. In order to ensure uniqueness within the NameSpace, the value of InstanceID SHOULD be constructed using the following 'preferred' algorithm: <OrgID>:<LocalID>Where <OrgID> and <LocalID> are separated by a colon ':', and where <OrgID> MUST include a copyrighted, trademarked or otherwise unique name that is owned by the business entity creating/defining the InstanceID, or is a registered ID that is assigned to the business entity by a recognized global authority. (This is similar to the <Schema Name>_<Class Name> structure of Schema class names.) In addition, to ensure uniqueness <OrgID> MUST NOT contain a colon (':'). When using this algorithm, the first colon to appear in InstanceID MUST appear between <OrgID> and <LocalID>. <LocalID> is chosen by the business entity and SHOULD not be re-used to identify different underlying (real-world) elements. If the above 'preferred' algorithm is not used, the defining entity MUST assure that the resultant InstanceID is not re-used across any InstanceIDs produced by this or other providers for this instance's NameSpace. For DMTF defined instances, the 'preferred' algorithm MUST be used with the <OrgID> set to 'CIM'. CIM_Identity
Property CurrentlyAuthenticated Qualifiers Name Type Value From Class Description string Boolean indicating whether this Identity has been authenticated, and is currently known within the scope of an AuthenticationService or authority. By default, authenticity SHOULD NOT be assumed. This property is set and cleared by the security infrastructure, and should only be readable within the management infrastructure. Note that its value, alone, may not be sufficient to determine authentication/ authorization, in that properties of an Identity subclass (such as a security token or computer hardware port/ communication details) may be required by the security infrastructure. CIM_Identity
Property Caption Qualifiers Name Type Value From Class Description string The Caption property is a short textual description (one- line string) of the object. CIM_ManagedElement MaxLen uint32 64 CIM_ManagedElement
Property Description Qualifiers Name Type Value From Class Description string The Description property provides a textual description of the object. CIM_ManagedElement
Property ElementName Qualifiers Name Type Value From Class Description string A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties, identity data, and description information. Note that the Name property of ManagedSystemElement is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user-friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information can be present in both the Name and ElementName properties. CIM_ManagedElement
Method Qualifiers
Parameters
Parameter Qualifiers