Name | Data Type | Value |
---|---|---|
Description | string | The CIM_RoleBasedAuthorizationService class represents the authorization service that manages and configures roles on a managed system. The CIM_RoleBasedAuthorizationService is responsible for creating, and deleting CIM_Role instances. Privileges of the roles are represented through the instance(s) of CIM_Privilege class associated to CIM_Role instances through the CIM_MemberOfCollection association. As a result of creating, and deleting CIM_Role instances the CIM_Privilege instances can also be affected. The limiting scope of the role is determined by the CIM_RoleLimitedToTarget association. |
Experimental | boolean | true |
UMLPackagePath | string | CIM::User::Role |
Version | string | 2.37.0 |
Name | Data Type | Class Origin |
---|---|---|
Caption | string | CIM_ManagedElement |
CommunicationStatus | uint16 | CIM_ManagedSystemElement |
CreationClassName | string | CIM_Service |
Description | string | CIM_ManagedElement |
DetailedStatus | uint16 | CIM_ManagedSystemElement |
ElementName | string | CIM_ManagedElement |
EnabledDefault | uint16 | CIM_EnabledLogicalElement |
EnabledState | uint16 | CIM_EnabledLogicalElement |
Generation | uint64 | CIM_ManagedElement |
HealthState | uint16 | CIM_ManagedSystemElement |
InstallDate | datetime | CIM_ManagedSystemElement |
InstanceID | string | CIM_ManagedElement |
LoSID | string | CIM_Service |
LoSOrgID | string | CIM_Service |
Name | string | CIM_Service |
OperatingStatus | uint16 | CIM_ManagedSystemElement |
OtherEnabledState | string | CIM_EnabledLogicalElement |
PrimaryOwnerContact | string | CIM_Service |
PrimaryOwnerName | string | CIM_Service |
PrimaryStatus | uint16 | CIM_ManagedSystemElement |
RequestedState | uint16 | CIM_EnabledLogicalElement |
Started | boolean | CIM_Service |
StartMode | string | CIM_Service |
Status | string | CIM_ManagedSystemElement |
SystemCreationClassName | string | CIM_Service |
SystemName | string | CIM_Service |
TimeOfLastStateChange | datetime | CIM_EnabledLogicalElement |
TransitioningToState | uint16 | CIM_EnabledLogicalElement |
AvailableRequestedStates | uint16[] | CIM_EnabledLogicalElement |
OperationalStatus | uint16[] | CIM_ManagedSystemElement |
StatusDescriptions | string[] | CIM_ManagedSystemElement |
Name | Data Type | Value |
---|---|---|
Description | string | AssignRoles() removes a security principal from any Roles to which it currently belongs and assigns it to the Roles identified by the Roles[] parameter. Upon successful completion of the method, the instance of CIM_Identity identified by the Identity parameter shall be associated to each Role referenced by the Roles parameter through the CIM_MemberOfCollection association and shall not be associated to an instance of CIM_Role unless a reference to it is contained in the Roles parameter. |
ValueMap | string | 0, 1, 2, .., 32000..65535 |
Values | string | Success, Not Supported, Failed, Method Reserved, Vendor Specific |
Name | Type | Qualifiers | ||||
---|---|---|---|---|---|---|
Name | Data Type | Value | ||||
Roles | CIM_Role[] | |||||
Description | string | The set of Roles to which the Identity will be associated through CIM_MemberOfCollection. If the Roles parameter is an empty array, then the successful execution of the method will unassign all the roles from the identity represented by the Identity parameter. | ||||
IN | boolean | true | ||||
Required | boolean | true | ||||
Identity | REF CIM_Identity | |||||
Description | string | The Identity instance representing the security principal whose role membership is being modified. | ||||
IN | boolean | true | ||||
Required | boolean | true |
Name | Data Type | Value |
---|---|---|
Description | string | ModifyRole method modifies the privileges and the scope of the specified instance of the targeted CIM_Role instance. The call may result in the creation, deletion, or modification of CIM_Privilege instances. The call may result in the creation and deletion of CIM_RoleLimitedTarget association instances. |
ValueMap | string | 0, 1, 2, 3, 4, 5, 6, .., 32000..65535 |
Values | string | Success, Not Supported, Unknown, Timeout, Failed, Invalid Parameter, Inappropriate Privilege, DMTF Reserved, Vendor Specific |
Name | Type | Qualifiers | ||||
---|---|---|---|---|---|---|
Name | Data Type | Value | ||||
Privileges | string[] | |||||
Description | string | Privileges parameter represents the desired privileges for the targeted role. When this parameter is non-null, upon successful completion of the method, the instances of CIM_Privilege associated with the targeted CIM_Role instance shall convey equivalent privileges as those indicated by the specified embedded CIM_Privilege instances. The Privilege parameter is an array of elements of CIM_Privilege, encoded as a string valued embedded instance parameter. The embedded instances allow the client to convey the privileges desired for the targeted CIM_Role instance. The method may result in the creation, deletion, or modification of the CIM_Privilege instances. The rights indicated by a CIM_Privilege may be revoked by passing the embedded instance of CIM_Privilege with PrivilegeGranted property set to "FALSE.". When the parameter is null, the privileges for the CIM_Role shall not be modified. | ||||
EmbeddedInstance | string | CIM_Privilege | ||||
IN | boolean | true | ||||
RoleLimitedToTargets | CIM_ManagedElement[] | |||||
Description | string | RoleLimitedToTargets parameter references all of the CIM_ManagedElement instances to which the role shall be limited. When this parameter is non-null, upon successful completion of the method, the targeted CIM_Role instanceshall be associated through the CIM_RoleLimitedToTarget association with only the specified instances of CIM_ManagedElement. This may result in the creation and deletion of instances of CIM_RoleLimitedToTarget. When this parameter is null, the set of instances of CIM_RoleLimitedToTarget that reference the targeted CIM_Role instance shall not be modified. | ||||
IN | boolean | true | ||||
Role | REF CIM_Role | |||||
Description | string | Role parameter is the reference to the targeted CIM_Role instance for which the privileges will be modified. | ||||
IN | boolean | true | ||||
Required | boolean | true |
Name | Data Type | Value |
---|---|---|
Description | string | ShowRoles reports the Privileges (i.e., rights) granted to a particular Subject, for a particular Target, or to a particular Subject for a particular Target through membership in, or scoping to instances of CIM_Role. The Subject parameter, Target parameter, or both shall be specified. When the Subject parameter is specified and the Target parameter is not specified, the method shall return all of Roles to which the subject is associated through CIM_MemberOfCollection. When Target parameter is specified and the Subject parameter is not specified, the method shall all instances of CIM_Role within whose scope the Target Parameter lies. When the Subject parameter and Target parameter are both specified, the method shall return an instance of CIM_Role if and only if the Subject Parameter is associated to the instance of CIM_Role through CIM_MemberOfCollection and the Target Parameter lies within the scope of the instance of CIM_Role. For each instance of CIM_Role returned in the Roles parameter, the corresponding index of the Privileges parameter may contain an instance of CIM_Privilege. The corresponding index of the Privileges parameter may be null when rights granted through a CIM_Role are not explicitly managed, or when there are not currently any instances of CIM_Privilege associated with the CIM_Role instance. When the corresponding index of of the Privileges parameter is non-null, the embedded instance of CIM_Privilege shall reflect the cumulative rights granted through membership in the Role. Each embedded instance of CIM_Role contained in the Roles parameter shall correspond to an instrumented instance of CIM_Role. Each embedded instance of CIM_Privilege contained in the Privileges parameter may correspond to an instance of CIM_Privilege associated to the corresponding instance of CIM_Role through the CIM_MemberOfCollection. However, this is not required. Embedded instances of CIM_Role are returned rather than References in order to simplify the query operation for clients. The properties of the instances of CIM_Role provide context to aid a client in selecting which instance(s) to modify in order to change the privileges of a Subject or for a Target. |
ValueMap | string | 0, 1, 2, .., 32000..65535 |
Values | string | Success, Not Supported, Failed, Method Reserved, Vendor Specific |
Name | Type | Qualifiers | ||||
---|---|---|---|---|---|---|
Name | Data Type | Value | ||||
Privileges | string[] | |||||
ArrayType | string | Indexed | ||||
Description | string | The cumulative rights granted through membership in the instance of CIM_Role located at the same array index in the Roles parameter. | ||||
EmbeddedInstance | string | CIM_Privilege | ||||
IN | boolean | false | ||||
ModelCorrespondence | string | CIM_PrivilegeManagementService.ShowAccess(Privileges) | ||||
OUT | boolean | true | ||||
Roles | string[] | |||||
ArrayType | string | Indexed | ||||
Description | string | The set of instances of CIM_Role filtered according to the Subject and Target parameters. | ||||
EmbeddedInstance | string | CIM_Role | ||||
IN | boolean | false | ||||
ModelCorrespondence | string | CIM_PrivilegeManagementService.ShowAccess(Privileges) | ||||
OUT | boolean | true | ||||
Subject | REF CIM_Identity | |||||
Description | string | The Subject parameter identifies the instance of CIM_Identity whose containing instances of CIM_Role will be returned. | ||||
IN | boolean | true | ||||
Target | REF CIM_ManagedElement | |||||
Description | string | The Target parameter identifies an instance of CIM_ManagedElement whose scoping instances of CIM_Role will be returned. | ||||
IN | boolean | true |
Name | Data Type | Value |
---|---|---|
Description | string | The CreateRole method creates a new instance of CIM_Role with the specified privileges. If the NewRole parameter is specified, the embedded instance will be used as a template for the newly created CIM_Role instance. If the NewRole parameter is not specified, the method will create a default instance of CIM_Role that is implementation specific. In order to be meaningful, a Role requires a set of associated privileges, thus an array of embedded instances of CIM_Privilege is provided as a parameter. An implementation may not support the creation of a Role with the privileges indicated by the specified combination of CIM_Privilege instances. The implementation will create new instances of CIM_Privilege as needed to enable the implementation to represent the rights granted to the new instance of Role. The implementation will associate these Privilege instances to CIM_Role via MemberOfCollection. If the RoleLimitedToTargets parameter is specified, the scope of the new role will be limited to the CIM_ManagedElement instances whose references are specified. For each CIM_ManagedElement specified, the implementation will create an instance of CIM_RoleLimitedToTarget which references CIM_ManagedElement instance and the created instance of CIM_Role. If the RoleLimitedToTargets parameter is not specified, the Role applies to all resources in the target namespace. |
Experimental | boolean | true |
ValueMap | string | 0, 1, 2, 3, 4, 5, 6, .., 32000..65535 |
Values | string | Success, Not Supported, Unknown, Timeout, Failed, Invalid Parameter, Inappropriate Privilege, DMTF Reserved, Vendor Specific |
Name | Type | Qualifiers | ||||
---|---|---|---|---|---|---|
Name | Data Type | Value | ||||
RoleTemplate | string | |||||
Description | string | NewRole parameter is the desired CIM_Role instance to be created. This is an element of class CIM_Role, encoded as a string-valued embedded instance parameter. The embedded instance allows the client to specify the properties desired for the new CIM_Role instance. | ||||
EmbeddedInstance | string | CIM_Role | ||||
IN | boolean | true | ||||
Privileges | string[] | |||||
Description | string | Privileges parameter is the desired CIM_Privilege instances to be associated with the new role. This is an array of elements of class CIM_Privilege, encoded as a string-valued embedded instance parameter. The embedded instances allow the client to specify the properties desired for the CIM_Privilege instances to be associated to the new CIM_Role instance through CIM_MemberOfCollection association. | ||||
EmbeddedInstance | string | CIM_Privilege | ||||
IN | boolean | true | ||||
Required | boolean | true | ||||
RoleLimitedToTargets | CIM_ManagedElement[] | |||||
Description | string | RoleLimitedToTargets parameter references CIM_ManagedElement instances that the new role will be limited to. The call will create CIM_RoleLimitedToTarget association instances between the new CIM_Role instance and the referenced CIM_ManagedElement instances that the role is limited to. | ||||
IN | boolean | true | ||||
OwningSystem | REF CIM_System | |||||
Description | string | If present, CIM_OwningSystem defines a System to which an CIM_OwningCollectionElement association to the new CIM_Role shall be instantiated. | ||||
IN | boolean | true | ||||
Role | REF CIM_Role | |||||
Description | string | Role is an output parameter that per successful execution of the method will contain the reference to the newly created CIM_Role instance. | ||||
IN | boolean | false | ||||
OUT | boolean | true |
Name | Data Type | Value |
---|---|---|
Description | string | DeleteRole method deletes the CIM_Role instance referenced in the call. This method will delete each instance of CIM_MemberOfCollection and CIM_RoleLimitedToTarget that references the specified instance of CIM_Role. Any instances of CIM_Privilege that are associated with the this instance of CIM_Role and no other instances will also be deleted, as well as the CIM_MemberOfCollection associations that associate the CIM_Privilege with the CIM_Role. |
Experimental | boolean | true |
ValueMap | string | 0, 1, 2, 3, 4, 5, .., 32000..65535 |
Values | string | Success, Not Supported, Unknown, Timeout, Failed, Invalid Parameter, DMTF Reserved, Vendor Specific |
Name | Type | Qualifiers | ||||
---|---|---|---|---|---|---|
Name | Data Type | Value | ||||
Role | REF CIM_Role | |||||
Description | string | Role parameter is the reference to the Role instance to be deleted. | ||||
IN | boolean | true | ||||
Required | boolean | true |
Name | Return Type | Class Origin |
---|---|---|
AssignAccess | uint32 | CIM_PrivilegeManagementService |
ChangeAffectedElementsAssignedSequence | uint32 | CIM_Service |
RemoveAccess | uint32 | CIM_PrivilegeManagementService |
RequestStateChange | uint32 | CIM_EnabledLogicalElement |
ShowAccess | uint32 | CIM_PrivilegeManagementService |
StartService | uint32 | CIM_Service |
StopService | uint32 | CIM_Service |