+-AAAPKIAPNList

+-APN [0..]

APN list for PKI authentication.

Attributes
`string key mandatory noNotification restricted`	`pkiAPNListId` The value component of the RDN.

class AAAPKIAPNList

class AAAPKIService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-AAAPKIService

+-AAAPKIAPNList [1..1]

+-EapTlsConfig [1..1]

+-OCSPMgr [1..1]

PKI (Public-Key Infrastructure) authentication configuration for Wi-Fi NSDS(Non-SIM Device Support).

Attributes
`string key mandatory noNotification restricted`	`aaaPkiServiceId` The value component of the RDN.
`boolean`	`checkCertificateInDB = true` Enable or disable check certificate info in DB for Non-SIM WLAN access: false: disable true: enable (default) Takes effect: After next restart
`boolean`	`enablePki = false` Enable or disable Non-SIM Device Support (NSDS): false: disable (default) true: enable Takes effect: After next restart
`boolean[0..1]`	`enablePkiFE = false` Enable or disable PKI FE function: false: disable (default) true: enable Takes effect: After next restart
`string`	`pkiUsernamePrefix = 900 [ 1..3 ]` Set the prefix of username for Non-SIM WLAN access. The length of the prefix is 1-3. The prefix cannot be started with 0-8., and the default value is 900. Takes effect: After next restart Valid values: ^[^0-8].*$
`string`	`serverCertificateFileName = server.pem` Specifies the name of the server certificate file. The format of the sever certificate file is PEM. The server certificate file contains a single certificate or certificate chains. Takes effect: After next restart
`string`	`serverPrivateKeyFileName = server.key` Specifies the name of the server private key file. Takes effect: After next restart
`EcimPassword mandatory`	`serverPrivateKeyPassword` Server private key password Takes effect: After next restart

class AAAPKIService

class AAAServer

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-AAAServer

+-LogManagement [1..1]

+-ThreadControlManager [1..1]

IPWorks AAA Server.

Attributes
`string key mandatory noNotification restricted`	`aaaServerId` The value component of the RDN.

class AAAServer

class AAAServerManager

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-AAAServerManager

Configuration for AAA Server Manager

Attributes
`string key mandatory noNotification restricted`	`aaaServerManagerId` The identifier for the DNS Server Manager Log.
`string restricted`	`directory = /cluster/storage/no-backup/ipworks/logs` The directory where the log files are retained. Note: This parameter cannot be changed currently.
`uint32`	`fileSize = 10 { 1..20 }` This is the maximum allowable size for log files, specified in MB. When a file grows larger than the maximum file size, it will be closed and a new file will be generated.
`uint16`	`filesNumber = 10 { 1..20 }` The type of messages to write to the DNSSM logs. When it is set to LOG_LEVEL_DISABLE, no log is generated.
`IpworksLogLevel`	`level = LOG_LEVEL_DISABLE` Log Level
`IpworksLogTimelyRotate`	`timelyRotate = DISABLE` The frequency of creating a new log depends on the configured time interval.

class AAAServerManager

class AAASessionControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AAASessionControl

This is Managed Object Class for Radius AAA session control configuration.

Attributes
`string key mandatory noNotification restricted`	`aaaSessionControlId` The value component of the RDN.
`boolean`	`acctOnOffCloseAll = true` The switch to decides whether we should destroy all the related sessions to Accounting-On/Off message. The value can only be true or false. If the value is true, it means Accounting-On/Off message will destroy all the related sessions by nasid. If the value is false, it means Accounting-On/Off message will destroy the matched session by nasid and Acct-Session-Id. The default value is true. Takes effect: After next restart
`boolean`	`createProxySession = true` Specifies whether create proxy session. The default value is true Takes effect: After next restart
`boolean`	`expireDMNotify = false` Specifies whether notify DM when session expire. <to be explain later> The default value is false. Takes effect: After next restart
`uint16`	`expireTime = 1440 { 1..2880 }` The expired time of the session in minutes. The value range is from 1 to 2880. The default value is 1440. Unit: 1 minute Takes effect: After next restart
`boolean`	`multiSessionClassPrior = false` Specifies whether it's prior to use CLASS for mulitsession function. IPWorks AAA supports multiple accounting sessions belonging to the same user session. AVPs Acct-Multi-Session-Id and Class can be used to link all the accounting sessions to the user session. After the user session is created, all subsequent messages shall contain the same Class or Acct-Multi-Session-Id (if exists). the attribute is used to determine which AVP will be used in prior. false: AVP Acct-Multi-Session-Id is used. true : AVP Class is used. The default value is false. Takes effect: After next restart
`string`	`records = User-Name,NAS-Port,Framed-IP-Address,Called-Station-Id,Calling-Station-Id,Acct-Multi-Session-Id` A string with attributes which separated by comma is used to configure session working model and record contents. To session record contents, it can only include these values: "Class", "User-Name", "NAS-Port", "Framed-IP-Address", "Framed-IP-Netmask", "IP-Alloc-Pool", "Called-Station-Id", "Calling-Station-Id", "Acct-Multi-Session-Id", "NAS-Port-Id", "Chargeable-User-Identity", "Framed-Interface-Id", "Framed-IPv6-Prefix". If Class is in the record contents, session will be working on nasid and Class model, otherwise session will be working on nasid and Acct-Session-Id model. The default value is 'User-Name,NAS-Port,Framed-IP-Address,Called-Station-Id,Calling-Station-Id,Acct-Multi-Session-Id' Takes effect: After next restart
`boolean`	`terminateExpireSession = true` The switch to terminate expired session. The default value is true. Takes effect: After next restart
`string`	`threshold4SessionCapacity = 80,90` Specifies two threshold levels (as a percentage of the max. capacity value). The level2 is optional. AAA raises proper alarm(s) when the session capacity exceeds either level1 or level2 threshold. The users must configure at least the level1 threshold. If both level1 and level2 are configured, must type the value like "level1,level2", wherethe level2 value must be larger than level1, and no space is allowed after the comma;otherwise error message appears like Invalid Value. Regardless of level1 or level2, the valid value range is between 10 and 90. The defaultvalue of level1 and level2 is 80 and 90 respectively. Takes effect: After next restart Valid values: ^([1-9]{1,2}[0]?\|100),([1-9]{1,2}[0]?\|100)$
`boolean`	`updateIPViaAcct = false` Specifies whether update session IP address according to accounting message. The default value is false. Takes effect: After next restart

class AAASessionControl

class AccountingService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AccountingService

+-AcctFinder [1..1]

+-AcctForward [1..1]

+-CSVEngineCommon [1..1]

+-CSVFTPInformation [1..1]

+-CsvGenerateMethod [1..1]

Accounting to csv record configuration.

Attributes
`string key mandatory noNotification restricted`	`accoutingServiceId` The value component of the RDN.
`CSVMode`	`csvMode = MESSAGE_BASED_CSV` Specifies the way of storing the accounting records. This attribute value is one of the following: MESSAGE_BASED_CSV SESSION_BASED_CSV DISABLE_CSV The default value is MESSAGE_BASED_CSV Takes effect: After next restart
`string mandatory`	`csvRecords` A string with attributes which separated by comma is used to configure message base csv record contents. The default value is "Acct-Status-Type,NAS-IP-Address,Acct-Session-Id". Takes effect: After next restart

class AccountingService

class AccountPolicy

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-AccountPolicy

Configures properties of account policy.

References from:: UserAccount;
References to:: ManagedObject;

Attributes
`string key mandatory noNotification restricted`	`accountPolicyId` The value component of the RDN.
`uint16[0..1]`	`dormantTimer = 180 { 1..65535 }` Account dormant timer in days. Specifies the number of days it takes for the ME to automatically lock an account that was not used in this time period. The dormant state is calculated based on the lastLoginTime attribute and the current system time. No value means the account dormant time is not measured. Unit: 1 days
`ManagedObject[0..] noNotification readOnly`	`reservedByAccount` The accounts using this policy. Lists the Distinguished Names of UserAccount Managed Objects.
`string[0..1]`	`userLabel` An additional descriptive text.

class AccountPolicy

class AcctFinder

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AccountingService

+-AcctFinder

This is Managed Object Class for Accounting Finder.

Attributes
`string key mandatory noNotification restricted`	`acctFinderId` The value component of the RDN.
`uint16`	`finderBatchCount = 3000` Specifies the accouting finder batch count, ipworks finder batch records number is limited to count. The default value is 3000. Takes effect: After next restart
`uint16`	`finderInterval = 15` Specifies the accounting finder check interval. The default value is 15 seconds. Unit: 1 second Takes effect: After next restart
`uint16`	`finderStopTimeDelta = 5` Specifies the accounting finder stop time delta, IPWorks capture the accounting record that the last update time is less than current time minus delta time. The default value is 5 minutes. Unit: 1 minute Takes effect: After next restart

class AcctFinder

class AcctForward

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AccountingService

+-AcctForward

+-AcctForwardGroupMgr [1..1]

This is Managed Object Class for Accounting Forward /Mediation function

Attributes
`string key mandatory noNotification restricted`	`acctForwardId` The value component of the RDN.
`boolean`	`enable = false` Determine whether accounting forward method is used. If the value is true, Accouting Forward/Mediation function is enabled. The default value is false. Takes effect: After next restart
`uint8`	`maxForwardGroups = 5 { 1..5 }` Max number of forward groups. Takes effect: After next restart
`uint8`	`retryCount = 2 { 0..2 }` Max Retransmission number. AAA server retransmits accounting message to remote server if no response received in time. Takes effect: After next restart

class AcctForward

class AcctForwardGroup

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AccountingService

+-AcctForward

+-AcctForwardGroupMgr

+-AcctForwardGroup

This is Managed Object Class for Accounting Forward Group.

User can configure one of the parameters, triggerChecklist or triggerAVPs.

Forwarding behavior happens when the incoming Accounting Request message matches the configured trigger condition. If both of these two parameters are configured, forwarding behavior only happens when the incoming Accounting Request message matches both triggerChecklist and all AVPs in triggerAVPs.

Attributes
`string mandatory`	`acctForwardDestAddr` Accounting forward remote server address list, split by ",". For example, "10.175.185.52 , 10.175.185.53". Takes effect: After next restart
`string key mandatory noNotification restricted`	`acctForwardGroupId` The value component of the RDN.
`string[0..] nonUnique`	`triggerAVPs` triggerAVPs stands for AVP trigger rules. AVP value can be specific value, wildcard, and regular expression. e.g. "Framed-IP-Address=192.168.0.10" or "NAS-IP-Address=" or "NAS-Identifier=/REGEX/10." It's allowed to configure more than one AVPs for the same forwarding group. Accounting forwarding behavior only happens when the incoming Accounting Request message matches all the Trigger AVPs. For example: triggerAVPs=["NAS-Identifier=/REGEX/10.","NAS-IP-Address=","Framed-IP-Address=192.168.0.10"] Note: /REGEX/ is a common prefix and it is followed by a standard POSIX regular expression. Only AVP of string type can use regular expression; Takes effect: After next restart
`string[0..1]`	`triggerChecklist` Defines Trigger Checklist for the forwarding group. checklist can be configured by these Symbol:"==", "!=", "(", ")", "\|\|", "&&" for example: triggerChecklist="(NAS-Identifier == 10086) \|\| (NAS-IP-Address == 192.168.1.15)" note: checklist does not support wildcard or regular expression. Takes effect: After next restart

class AcctForwardGroup

class AcctForwardGroupMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AccountingService

+-AcctForward

+-AcctForwardGroupMgr

+-AcctForwardGroup [0..]

Accouting Forward Group Manager.

Attributes
`string key mandatory noNotification restricted`	`acctForwardGroupMgrId` The value component of the RDN. Takes effect: After next restart

class AcctForwardGroupMgr

class AdministratorAccount

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-AdministratorAccount

+-SshPublicKey [0..1]

The administrator account.

Used for initial and recovery scenarios when authentication to regular O&M accounts is inaccessible.

This MO is created by the system.

References to:: PasswordQuality;

Actions
`void`	`clearFailedAuthenticationAlarm ( );` Clears the alarm of failed authentications. The action shall be invoked when the external password attack leading to the Authentication Failure Limit Reached alarm is isolated from the ME or to test if the attack persists. The threshold when the alarm is raised can be configured by attributes passwordMaxFailure and passwordFailureCountInterval.

Attributes
`string key mandatory noNotification restricted`	`administratorAccountId` The value component of the RDN. The user ID to be provided at authentication.
`DateTime[0..1] readOnly`	`lastLoginTime` The date of the last successful login.
`DateTime[0..1] readOnly`	`passwordChangedTime` The time the password was last changed.
`int32[0..1]`	`passwordFailureCountInterval = 86400 { 1..2147483647 }` The time interval within which consecutive failed login attempts count in seconds. Specifies the time interval it takes to obsolete records in passwordFailureTimes used for attribute passwordMaxFailure. No value means the failure counter is reset only on successful authentication. Unit: 1 seconds
`DateTime[0..] nonUnique noNotification readOnly`	`passwordFailureTimes` Dates of failed login attempts. The list of dates when a user tried to authenticate to this account and failed. The attribute can be reset by a successful authentication. The dates outside the time-window set by passwordFailureCountInterval are removed.
`int32 noNotification readOnly`	`passwordHistoryLength` Specifies the number of passwords remembered by the ME to avoid reuse of old passwords.
`int32[0..1]`	`passwordMaxFailure = 3 { 1..32 }` Maximum failed login attempts to send an authentication failure alarm. Specifies the number of consecutive failed login attempts that can be performed before the account is alarmed, as counted in passwordFailureTimes. No value disables alarm sending.
`int32 noNotification readOnly`	`passwordMinLength` Minimum length of passwords. Specifies the minimum character lengths of passwords that the ME can accept.
`PasswordQuality mandatory`	`passwordQuality` The password quality parameters used. Refers to the DN of a PasswordQuality MO.

class AdministratorAccount

class APN

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-AAAPKIService

+-AAAPKIAPNList

+-APN

+-EPSSubscribedQoSProfile [0..1]

APN definition

Attributes
`AMBR[0..1]`	`ambr` Group AVP : AMBR Takes effect: After next restart
`string key mandatory noNotification restricted`	`apnId` The authentication and authorization request related to the specific APN of the specific user will be rejected, if the specific APN is not configured.
`string`	`apnName = example.apn` APN name Takes effect: After next restart
`uint32`	`contextIdentifier = 1` AVP : Context-Identifier Takes effect: After next restart
`uint8`	`pdnType = 0 { 0..3 }` AVP : PDN-Type Takes effect: After next restart
`string[0..1]`	`threegppChargingCharact = 0A00` AVP : 3GPP-Charging-Characteristics Takes effect: After next restart

class APN

class AppInstanceId

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-SS7Stack

+-AppInstanceIdMgr

+-AppInstanceId

Identity of AAA diameter application. In SS7 HD mode, assign an unique ID for AAA diameter applications in protocol server nodes. In SS7 standalone mode, use default value.

Attributes
`uint8`	`appInstanceId = 1` Identity of AAA diameter application. In SS7 HD mode, assign an unique ID for AAA diameter applications in protocol server nodes. In SS7 standalone mode, use default value. The default value is 1.
`string key mandatory noNotification restricted`	`nodeName` Node name, such as PL-3, PL-4.

class AppInstanceId

class AppInstanceIdMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-SS7Stack

+-AppInstanceIdMgr

+-AppInstanceId [1..]

Identity of AAA diameter application. For different node, use different AppInstanceId.

Attributes
`string key mandatory noNotification restricted`	`appInstanceIdMgrId` The value component of the RDN.

class AppInstanceIdMgr

class ArwaConfiguration

..

+-SystemFunctions

+-Lm

+-ArwaConfiguration

Enables configuration of the Arwa server connection properties.

Actions
`boolean`	`connectToArwa ( );` connectToArwa will provide the action id result if the invocation is successful. Note: This action is only supported in LM deployments with an intermittent connection to Arwa.
`boolean`	`installCustomerMetadataFile ( string uri , EcimPasswordString password );` Initiates the installation of the Client Metadata file defined by the URI given as parameter. e.g. installClientMetadataFile file:///tmp/clientMetadata.xml Return value is TRUE in case the initiation succeeded or FALSE otherwise. installClientMetadataFile /tmp/clientMetaData.xml Parameters Name: uri Description: The URI of the metadata file that is to be installed. The URI may refer to a local (e.g., file:///data/dir/subdir/rbs006.xml) or to a remote (e.g., sftp://myuser@myhostname.ericsson.local/dir/subdir/rbs006.xml) file. If user name is needed to access the referenced file then the URI shall include the user name. The URI must not contain password. The generic URI syntax is defined by RFC 2396. sftp support is reserved for future use. Name: password Description: Password to access the referenced file. If authentication is not password based, this parameter will be ignored. This parameter is reserved for future use.

Attributes
`string key mandatory noNotification restricted`	`arwaConfigurationId` Holds the name used when identifying the MO.
`string[0..1] readOnly`	`customerName` Name of the current customer (eg. Customer1)
`DateTime[0..1] readOnly`	`licenseServerLastSuccessfulConnectTime` Last time of successful connection. i.e. “Fri, Dec 19, 2014 12:41:39 PM” Note: This attribute is only applicable to LM deployments with an intermittent connection to Arwa.
`DateTime[0..1] readOnly`	`licenseServerPlannedConnectEvent` Next Schedule for a planned connection to the Arwa server. NULL if it is PERMANENT connection. Note: This attribute is only applicable to LM deployments with an intermittent connection to Arwa.
`AsyncActionProgress[0..1] readOnly`	`reportProgress` Reports if the Arwa connection was successful or not.

class ArwaConfiguration

class AsdnsMonitor

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-AsdnsServer

+-AsdnsMonitor

+-AsdnsMonLog [1..1]

+-AsdnsMonTransLog [1..1]

It monitors the status of hosts on an enterprise network and report to the DNS server.
Responses to DNS queries regarding these hosts change depending upon their status.

Attributes
`string key mandatory noNotification restricted`	`asdnsMonitorId` The identifier of the ASDNS Monitor.

class AsdnsMonitor

class AsdnsMonLog

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-AsdnsServer

+-AsdnsMonitor

+-AsdnsMonLog

The class AsdnsMonLog controls ASDNS monitor's log generation.

Attributes
`string key mandatory noNotification restricted`	`asdnsMonLogId` The identifier for the ASDNS Monitor Log.
`string readOnly`	`directory = /cluster/storage/no-backup/ipworks/logs/` The directory where the log files are retained. Note: This parameter cannot be changed currently. The current log file is ipworks_asdnsmon.log and the most recent files are ipworks_asdnsmon.log.0 to ipworks_asdnsmon.log.<max-1>. When the current log exceeds the size limit or a time restriction, the algorithm performed is as follows: The ipworks_asdnsmon.log.<max-1> file is deleted. The .0 to .<max-2> files are renamed as .1 to .<max- 1> respectively. The current file is closed and renamed to ipworks_asdnsmon.log.0. A new ipworks_asdnsmon.log file is created.
`uint32`	`fileSize = 10 { 1..20 }` The maximum size (Mb) of log file. Specifies the maximum size of each log file. When this limit is exceeded, a new file is opened. The default is 10 MB. The maximum disk space consumed by the log files is this parameter times (1 plus the number of logs). With the default setting of 10 files and 10 MB, this means 110 MB of disk space.
`uint16`	`filesNumber = 10 { 1..20 }` Number of log files.Specifies the maximum number of log files to be retained. This excludes the current file and limits the number of the most recent old log files retained. The range is 1 to 20. The default value is 10.
`IpworksLogLevel`	`level = LOG_LEVEL_DISABLE` Log level.The default log level is DNS_LOG_LEVEL_DISABLE Specifies the logging information, --LOG_LEVEL_DISABLE : once it is selected, Monitor Log is disabled; --LOG_LEVEL_FATAL : Monitor Log is enabled and in fatal log level; --LOG_LEVEL_ERROR : Monitor Log is enabled and in error log level; --LOG_LEVEL_WARN : Monitor Log is enabled and in warning log level; --LOG_LEVEL_INFO : Monitor Log is enabled and in informational log level; --LOG_LEVEL_DEBUG : Monitor Log is enabled and in debug log level; --LOG_LEVEL_TRACE : Monitor Log is enabled and in trace log level;

class AsdnsMonLog

class AsdnsMonTransLog

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-AsdnsServer

+-AsdnsMonitor

+-AsdnsMonTransLog

IPWorks ASDNS monitor Transaction log relevant parameters.

Attributes
`string key mandatory noNotification restricted`	`asdnsMonTransLogId` The identifier for the ASDNS Monitor Transaction Log.
`string readOnly`	`directory = /cluster/storage/no-backup/ipworks/logs` Transaction Log Directory,specifies the location of the ASDNS monitor transaction log file. Note: This parameter cannot be changed currently. The transaction files record significant events such as, monitored resources changing state (up or down). The current transaction log file is ipworks_asdnsmon_trans.log and the most recent files are ipworks_asdnsmon_trans.log.0 to ipworks_asdnsmon_trans.log.<max-1>. When the current transaction log exceeds the size limit or a time restriction, the algorithm performed is as follows: -- The ipworks_asdnsmon_trans.log.<max-1> file is deleted. -- The .0 to .<max-2> files are renamed as .1 to <max- 1> respectively. -- The current file is closed and renamed to ipworks_asdnsmon_trans.log.0. -- A new ipworks_asdnsmon_trans.log file is created.
`uint32`	`fileSize = 1 { 1..20 }` Transaction Log Size (1-20) MB,specifies the maximum size of each transaction log file. When this limit is exceeded, a new file is opened. The default is 1 MB. Note: The maximum disk space consumed by the log files is this parameter times (1 plus the number of transaction logs, specified above). With the default setting of 10 files each 1 MB, this means 11 MB of disk space.
`uint16`	`filesNumber = 10 { 1..20 }` Number of Transaction Log,specifies the maximum number of transaction log files retained. This excludes the current file and limits the number of the most recent old transaction log files retained (ipworks_asdnsmon_trans.log.0 to ipworks_asdnsmon_trans.log.<max-1>). The range is 1 to 20; the default is 10.
`IpworksLogTimelyRotate`	`timelyRotate = DISABLE` Transaction Log Start ,specifies the timely based condition under which a new transaction log file is started. -- DISABLE = No time based condition (only the size limit causes a new file to be created). This is the default. -- HOURLY = Hourly, a new transaction log is created on the hour. -- DAILY = Daily, a new transaction log is created at the start of the day (00:00:00 Universal Time). -- WEEKLY = Weekly, a new transaction log is created at the start of a new week (Sunday morning). -- MONTHLY = Monthly, a new transaction log is created at the start of a new month. A new transaction log file is created when either the timely based condition occurs or the size limit of the file is reached.

class AsdnsMonTransLog

class AsdnsServer

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-AsdnsServer

+-AsdnsMonitor [1..1]

+-AsdnsSm [1..1]

ASDNS Server consists of ASDNS Monitor and ASDNS Monitor Serve Manager.

Attributes
`string key mandatory noNotification restricted`	`asdnsServerId` The identifier of the ASDNS server.

class AsdnsServer

class AsdnsSm

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-AsdnsServer

+-AsdnsSm

+-AsdnsSmLog [1..1]

Controls the ASDNS Monitor Server Manager on the host machine.

Attributes
`string key mandatory noNotification restricted`	`asdnsSmId` The identifier of the ASDNS Server Manager.

class AsdnsSm

class AsdnsSmLog

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-AsdnsServer

+-AsdnsSm

+-AsdnsSmLog

The class AsdnsSmLog controls ASDNS Server Manager's log generation.
Its parameters configure the log's directory, file size, files number, log level and timely rotation

Attributes
`string key mandatory noNotification restricted`	`asdnsSmLogId` The identifier for the ASDNS Server Manager Log.
`string restricted`	`directory = /cluster/storage/no-backup/ipworks/logs` The directory where the log files are retained. Note: This parameter cannot be changed currently.
`uint32`	`fileSize = 10 { 1..20 }` This is the maximum allowable size for log files, specified in MB. When a file grows larger than the maximum file size, it will be closed and a new file will be generated.
`uint16`	`filesNumber = 10 { 1..20 }` The maximum number of log files that can be kept. Excess files will be deleted.
`IpworksLogLevel`	`level = LOG_LEVEL_DISABLE` The type of messages to write to the DNSSM logs. When it is set to LOG_LEVEL_DISABLE, no log is generated.
`IpworksLogTimelyRotate`	`timelyRotate = DISABLE` The frequency of creating a new log depends on the configured time interval.

class AsdnsSmLog

class AuthenticationOrder

..

+-SystemFunctions

+-SecM

+-UserManagement

+-AuthenticationOrder

MO Class used to view the order of authentication methods.

This MO is created by the system.

Attributes
`MethodOrder[1..] readOnly`	`authenticationMethodOrder` The order in which authentication methods are to be used. Methods must be called up in the order specified by the orderNumber member. The method is referenced by the methodReference member.
`string key mandatory noNotification restricted`	`authenticationOrderId` The value component of the RDN.
`string[0..1]`	`userLabel` An additional descriptive text.

class AuthenticationOrder

class AuthMethodControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AuthMethodControl

+-AuthSelectorMgr [1..1]

+-EapMethodControl [1..1]

Auth Method Control.

Attributes
`string key mandatory noNotification restricted`	`authMethodControlId` The value component of the RDN. Takes effect: After next restart

class AuthMethodControl

class AuthorizationOrder

..

+-SystemFunctions

+-SecM

+-UserManagement

+-AuthorizationOrder

MO Class used to view the order of authorization methods.

This MO is created by the system.

Attributes
`MethodOrder[1..] readOnly`	`authorizationMethodOrder` The order in which authorization methods are to be used. Methods must be called up in the order specified by the orderNumber member. The method is referenced by the methodReference member.
`string key mandatory noNotification restricted`	`authorizationOrderId` The value component of the RDN.
`string[0..1]`	`userLabel` An additional descriptive text.

class AuthorizationOrder

class AuthSelector

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AuthMethodControl

+-AuthSelectorMgr

+-AuthSelector

Auth Method Selector.

Attributes
`string key mandatory noNotification restricted`	`authSelectorId` The value component of the RDN.
`boolean mandatory`	`isNeedAuthorization` Specifies whether authorization is needed after current auth action is successful. Takes effect: After next restart
`uint8 mandatory`	`rank` Specifies the rank of auth method, each auth method have unique rank value. Takes effect: After next restart
`string[1..] nonUnique`	`triggerAVPs = User-Name = ` Specifies the trigger AVPs for current auth method, it may have more than one TriggerAVPs. The default value is "User-Name = ". For example, a3eap Trigger AVPs value: User-Name = * EAP-Message = * Takes effect: After next restart

class AuthSelector

class AuthSelectorMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AuthMethodControl

+-AuthSelectorMgr

+-AuthSelector [0..]

Auth method selector managerment.

Attributes
`string key mandatory noNotification restricted`	`authSelectorMgrId` The value component of the RDN.

class AuthSelectorMgr

class AutonomousMode

..

+-SystemFunctions

+-Lm

+-AutonomousMode

Autonomous Mode state information.

This MO is created by the system.

Attributes
`LmActivationState readOnly`	`activationState` Autonomous Mode activation state.
`string key mandatory noNotification restricted`	`autonomousModeId` The value component of the RDN.
`DateTime readOnly`	`expiration` Expiry date and time of Autonomous Mode. The value is NULL if the activation state is INACTIVE.

class AutonomousMode

class BindService

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-DnsServer

+-BindService

+-DnsLog [1..1]

+-DnsTransLog [1..1]

Controls the DNS Server installed on the host machine.

Attributes
`BindAsdnsPercentDiff`	`asdnsGrpDiff = BIND_ASDNS_GRP_ENABLE_DIFF_1` ASDNS Grouping Percent Difference,defines whether to enable or disable the grouping function and defines its value.
`string key mandatory noNotification restricted`	`bindServiceId` The identifier of the DNS service.
`uint32[0..1]`	`debugLogLevel = 1 { 1..99 }` Debug Logging Level (1-99),specifies when debug logging is enabled. Debug logging is enabled via setting log level to DNS_LOG_LEVEL_DEBUG in the MOC DnsLog. It controls the level of logging information. Following lists the categories and the settings for the various debugging levels that can be set. Debug Logging Categories (Level Setting) -Logs basic operations including zone loading; maintenance queries such as SOA and zone transfers, NOTIFY messages, and high-level task dispatching. (1, default) -Logs multicast requests.(2) -Logs low-level task creation, journaling activity, DNSSEC and TSIG validation.(3) -Logs when a master server answers an incremental zone transfer (IXFR) with an full transfer (AXFR) because the journal file is missing.(4) -Logs the view used for a request and AAAA synthesis processing.(5) -Logs outbound zone transfer information.(6) -Logs journal adds and deletes and byte counts for inbound zone transfers.(7) -Logs dynamic update processing and zone transfer details.(8) -Logs zone timer related activities and requests from blackholed addresses.(10) -Logs updates to a zone's refresh timer.(20) -Logs low-level task dispatcher related information.(90) The selected logging level includes the logging information of all levels below it. For example, selecting level 90 includes levels 1-8, 10, 20, and 90. Setting the debug logging level between indicated levels produces the same output as the lower indicated level. For example, levels 21-89 produce the same result as level 20. Note: Use debug logging only to diagnose problems. Turn it off during normal operation. This is because the log file grows rapidly when debugging is enabled. This will degrade server performance, especially at higher levels of debug logging.
`boolean[0..1]`	`internetDNS = false` internet DNS
`boolean`	`queryLogging = false` Toggle Query Logging,switches the Query Logging status on or off. The DNS Server must be running for this command to take effect. The status that is set for Query Logging is only maintained for the currently running process. When Query Logging is enabled, the DNS Server logs all queries it receives.
`boolean`	`securityLog = false` Determines whether the Security log is enabled.

class BindService

class BrM

..

+-SystemFunctions

+-BrM

+-BrmBackupManager [0..]

BrM Root MO class.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`brMId` The value component of the RDN.
`string[0..1]`	`exportPackageLabelPrefix` Free text to help better identify a backup export package when residing outside the ME. If specified, BRM prepends this prefix to the label that it generates for the backup export package.

class BrM

class BrmBackup

..

+-SystemFunctions

+-BrM

+-BrmBackupManager

+-BrmBackup

Represents one backup of the type and domain specified by the BrmBackupManager in which it is contained.

This MO is created by the system.

Actions
`boolean`	`cancelCurrentAction ( );` Cancel an ongoing asynchronous restore or export operation.
`boolean`	`export ( string uri , EcimPasswordString password );` Export the backup using the specified uri. This is an asynchronous action; progress and result will be reported in the progressReport attribute. Note that when finished successfully, a copy of the backup has been transferred and the original backup remains in the ME. Parameters Name: uri Description: Specifies the location (url) where the backup is to be exported or the resource name (urn) that encapsulates the backup export procedure. Name: password Description: The password required to access the location specified by the uri. If no password is required, this parameter may be omitted.
`boolean`	`restore ( );` Restore from this backup. This is an asynchronous action - progress and result will be reported in the progressReport attribute.

Attributes
`BrmAsyncActionProgress[0..1] noNotification readOnly`	`asyncActionProgress` The stucture used to report the progress and final result of asynchronous actions. [Deprecated - Replaced by progressReport] Deprecated: Replaced by progressReport
`string readOnly`	`backupDescriptor` This includes a list of storage owners that participate in a backup which is used by BRM when restoring or deleting the backup.
`string readOnly`	`backupName` Backup name, provided by the operator.
`string key mandatory noNotification restricted`	`brmBackupId` The value component of the RDN.
`DateTime readOnly`	`creationTime` Date and time when the backup was created (start time of backup procedure)
`BrmBackupCreationType readOnly`	`creationType` Creation type; whether manually created or automatically via BrmBackupScheduler.
`BrmAsyncActionProgress[0..1] readOnly`	`progressReport` Represents the progress report and final result of the ongoing (asynchronous) action in this MO, for example restore. This MO supports only one action to be executed at a time.
`BrmBackupStatus readOnly`	`status` Status of the backup.
`ProductData[0..] readOnly`	`swVersion` The administrative data portion of active software version(s) as specified in the software inventory management when the backup is created.

class BrmBackup

class BrmBackupHousekeeping

..

+-SystemFunctions

+-BrM

+-BrmBackupManager

+-BrmBackupHousekeeping

Provides optional support for automated housekeeping of manually created backups.

If autoDelete is set to ENABLED, before creating a new manual backup, BRM first checks the number of manual backups and if the limit specified by the value of maxStoredManualBackups is reached, BRM removes the oldest manual backup before creating a new one.

This MO is created by the system.

Attributes
`BrmManualBackupAutoDelete[0..1]`	`autoDelete = ENABLED` Determines whether automated housekeeping of manual backups is enabled. If ENABLED and the number of backups already stored on the ME is equal to the value of maxStoredManualBackups, BRM removes the oldest backup before creating a new one. If set to DISABLED, BRM does not attempt to remove the oldest backup and instead returns failure when createBackup() is invoked.
`string key mandatory noNotification restricted`	`brmBackupHousekeepingId` The value component of the RDN.
`uint32[0..1]`	`maxStoredManualBackups = 100` Maximum number of manual backups (per backup type) to store in the ME. When this limit is reached, if autoDelete=ENABLED, BRM removes the oldest manual backup before creating a new one; otherwise, an error is returned when createBackup() is invoked and the NMS must do the required housekeeping before attempting to create a new backup.

class BrmBackupHousekeeping

class BrmBackupLabelStore

..

+-SystemFunctions

+-BrM

+-BrmBackupManager

+-BrmBackupLabelStore

Provides optional support for labeling of certain backups.
This class contains attributes that help distinguish certain backups such as the last restored backup, primary restore candidate, and so on.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`brmBackupLabelStoreId` The value component of the RDN.
`string[0..1] readOnly`	`lastCreatedBackup` The name of the last created backup. This backup may be MANUAL or SCHEDULED. Note that this attribute will not be updated in case of a failed attempt to create a backup resulting in an INCOMPLETE backup.
`string[0..1] readOnly`	`lastExportedBackup` The name of the last exported backup from the ME. Note that this attribute will not be updated in case of a failed attempt to export a backup.
`string[0..1] readOnly`	`lastImportedBackup` The name of the last imported backup to the ME. Note that this attribute will not be updated in case of a failed attempt to import a backup.
`string[0..1] readOnly`	`lastRestoredBackup` The name of the backup that has been last used to restore the ME. This does not imply that the currently running version of the system is the same as this backup, but instead shows which one of the backups has last been used to restore the ME. In a system which has never been restored using a backup, this attribute is empty.
`string[0..] ordered readOnly`	`restoreEscalationList` Specifies a list of backups, by their name, in the order that shall be used to restore the ME if need be. Specifically, the first element of this ordered list identifies the 'primary restore candidate'. Should the attempt to restore the ME with a given backup fail, the next backup in the list must be tried.

class BrmBackupLabelStore

class BrmBackupManager

..

+-SystemFunctions

+-BrM

+-BrmBackupManager

+-BrmBackup [0..]

+-BrmBackupHousekeeping [0..1]

+-BrmBackupLabelStore [0..1]

+-BrmBackupScheduler [0..1]

Serves as container for Backup instances of a particular backupType and backupDomain.

This class also provides the actions for creating new backups, importing backups from other locations, and deleting existing backups of the corresponding type and domain.

This MO is created by the system.

Actions
`boolean`	`cancelCurrentAction ( );` Cancel an ongoing asynchronous createBackup, deleteBackup, or importBackup operation.
`boolean`	`createBackup ( string name );` Creates a new backup of the backupType and backupDomain managed by the BackupManager. This is an asynchronous action - progress and result will be reported in the ReportProgress attribute. Parameters Name: name Description: The name of the backup to create. If specified, input name validation is done by the implementation to forbid illegal names. Backup name validation rules are defined by the implementation and include duplicate backup names, names exceeding maximum allowed length, etc. If not specified, the implementation will generate a backup name automatically with format defined by the implementation, example: <managedElementId>_<YYYY-MM-DDThh-mm-ss>.
`boolean`	`deleteBackup ( string name );` Delete a backup specified by its name and of the backupType and backupDomain managed by this BackupManager. This is an asynchronous action - progress and result will be reported in the progressReport attribute. Parameters Name: name Description: The name of the backup to delete.
`boolean`	`importBackup ( string uri , EcimPasswordString password );` Import a backup using the specified uri. This is an asynchronous action; progress and result will be reported in the progressReport attribute. Note that the type and domain of the backup to be imported must match the backup type and domain indicated by the instance of the backup manager on which this action is invoked. Parameters Name: uri Description: Specifies the location (url) of the backup to import or the resource name (urn) that encapsulates the backup import procedure. Name: password Description: The password required to access the location specified by the uri. If no password is required, this parameter may be omitted.

Attributes
`BrmAsyncActionProgress[0..1] noNotification readOnly`	`asyncActionProgress` The structure used to report the progress and final result of asynchronous actions. [Deprecated - Replaced by progressReport] Deprecated: Replaced by progressReport
`string readOnly`	`backupDomain` Backup domain, for example System
`string readOnly`	`backupType` Type of backup; System Data or User Data.
`string key mandatory noNotification restricted`	`brmBackupManagerId` The value component of the RDN.
`BrmAsyncActionProgress[0..1] readOnly`	`progressReport` Represents the progress report and final result of the ongoing (asynchronous) action, for example createBackup. This MO supports only one action to be executed at a time.

class BrmBackupManager

class BrmBackupScheduler

..

+-SystemFunctions

+-BrM

+-BrmBackupManager

+-BrmBackupScheduler

+-BrmCalendarBasedPeriodicEvent [0..]

+-BrmPeriodicEvent [0..]

+-BrmSingleEvent [0..]

Provides optional support for scheduling of backup creation.

Each instance of BrmBackupScheduler MOC serves as the backup scheduler for the backup type indicated by its parent instance of BrmBackupManager. The scheduled backup event(s) can be instance(s) of BrmSingleEvent MOC, BrmCalendarBasedPeriodicEvent MOC, or BrmPeriodicEvent MOC contained in the instance of BrmBackupScheduler.

This MO is created by the system.

Attributes
`BasicAdmState[0..1]`	`adminState = UNLOCKED` Administrative state of the scheduler.
`BrmAutoExport[0..1]`	`autoExport = DISABLED` Determines whether a scheduled backup should be automatically exported upon successful creation. If set to ENABLED, the scheduled backup specified by the attribute 'mostRecentlyCreatedAutoBackup' will be exported to the location specified by the attribute 'autoExportUri' after it has been successfully created. Note that the automatic export will be triggered ONLY IF the creation of the scheduled backup has been successful; otherwise, no export operation will be triggered even if this attribute has been set to ENABLED. Also, note that setting this attribute to ENABLED has no impact on the scheduled backups that have already been created and stored prior to the new configuration.
`EcimPassword[0..1]`	`autoExportPassword` Password used by backup scheduler when automatically exporting a scheduled backup. If autoExport attribute if set to ENABLED, this password will be used for authentication when automatically exporting the scheduled backup.
`string[0..1]`	`autoExportUri` Uri used by backup scheduler when automatically exporting a scheduled backup. If autoExport attribute if set to ENABLED, this uri specifies the location to which the scheduled backup will be automatically exported.
`string key mandatory noNotification restricted`	`brmBackupSchedulerId` The value component of the RDN.
`uint32[0..1]`	`maxStoredScheduledBackups = 5` The maximum number of scheduled backups to store in the local ME. When this threshold is reached, the oldest scheduled backup is deleted by the BRM before creating a new one.
`string readOnly`	`mostRecentlyCreatedAutoBackup` The name of the scheduled backup created most recently by BrmBackupScheduler.
`DateTime[0..1] readOnly`	`nextScheduledTime = 2099-12-31T23:59:59` The date and time when the next scheduled event is triggered. This is the earliest scheduled event from the set of configured events, i.e. single, periodic, and calendar-based periodic events.
`BrmAsyncActionProgress[0..1] readOnly`	`progressReport` The structure used to report the progress and final result of asynchronous actions.
`string[0..1]`	`scheduledBackupName = BACKUP` The configurable portion of the scheduled backup name. The scheduled backups are named <scheduledBackupName>-<creation date and time>, where creation date and time is of type DateTime defined in the common library. Note: If date and time of creation (of the format DateTime) has '.' to denote the fraction of a second, it is rounded up and '.' is removed by BRM to maximize portability on the file system. Also, for the same reason, ":" is replaced by "-".
`OperState[0..1] readOnly`	`schedulerState` Operational state of the scheduler (ENABLED/DISABLED). If the scheduler configuration has been successfully done and the scheduler is administratively unlocked, the implementation sets this attribute to ENABLED to confirm that the scheduler has been successfully configured and the next event has been calculated. If the event(s) is scheduled for a limited period of time, at the end of the period when there is no more scheduled events, this attribute is set to DISABLED by the implementation.

class BrmBackupScheduler

class BrmCalendarBasedPeriodicEvent

..

+-SystemFunctions

+-BrM

+-BrmBackupManager

+-BrmBackupScheduler

+-BrmCalendarBasedPeriodicEvent

Periodic backup event using calendar-based interval.

This construct can be used to configure a periodic scheduled backup event by specifying the desired interval using calendar. For instance, in order to configure a scheduled backup event to occur every night at 2:00 am, the following setup must be done:
time=02:00:00
The start time for calculating scheduled events is assumed to be the current system time by default, unless explicitly set using the startTime attribute. Furthermore, if the configured event is to stop at a specific date, stopTime attribute must be set accordingly. Note that the default value of stopTime is the end of century.
A scheduled backup event of this type is triggered only if ALL the conditions with regard to attribute values are satisfied. For example, if "dayOfWeek" is set to Monday and "dayOfMonth" is set to 1, the event will be triggered only if the first day of month is Monday.
Daylight saving adjustments in Spring and Fall are addressed such that the affected scheduled backup events are triggered exactly once.

Attributes
`string key mandatory noNotification restricted`	`brmCalendarBasedPeriodicEventId` The value component of the RDN.
`DayOfMonth`	`dayOfMonth = 0` Day of month.
`DayOfWeek`	`dayOfWeek = ALL` Day of week.
`DayOfWeekOccurrence`	`dayOfWeekOccurrence = ALL` The occurrence of the day of week specified by dayOfWeek attribute in the month.
`Month`	`month = 0` Month.
`DateTime[0..1]`	`startTime` Start time. It is an optional attribute. If not specified, the implementation uses the current system time as the default value.
`DateTime[0..1]`	`stopTime = 2099-12-31T23:59:59` Stop time. It is an optional attribute. The default value is the end of the century.
`Time mandatory`	`time` This is the time when the scheduled event must occur.

class BrmCalendarBasedPeriodicEvent

class BrmPeriodicEvent

..

+-SystemFunctions

+-BrM

+-BrmBackupManager

+-BrmBackupScheduler

+-BrmPeriodicEvent

Periodic backup event.
This construct can be used to configure a periodic scheduled backup event by specifying the number of months, weeks, days, hours, or minutes. For instance, in order to configure a scheduled backup event to occur every 12 hours, the following setup must be done:

hours=12

The start time for calculating scheduled events is assumed to be the current system time by default, unless explicitly set using the startTime attribute. Furthermore, if the configured event is to stop at a specific date, stopTime attribute must be set accordingly. Note that the default value of stopTime is the end of century.

Attributes
`string key mandatory noNotification restricted`	`brmPeriodicEventId` The value component of the RDN.
`uint16`	`days = 0` The number of days.
`uint16 mandatory`	`hours` The number of hours.
`uint16`	`minutes = 0` The number of minutes.
`uint16`	`months = 0` Deprecated, The number of months. Replaced by CalendarBasedPeriodicEvent.month. Deprecated:
`DateTime[0..1]`	`startTime` Start time. It is an optional attribute. If not specified, the implementation uses the current system time as the default value.
`DateTime[0..1]`	`stopTime = 2099-12-31T23:59:59` Stop time. It is an optional attribute. The default value is the end of the century.
`uint16`	`weeks = 0` The number of weeks.

class BrmPeriodicEvent

class BrmSingleEvent

..

+-SystemFunctions

+-BrM

+-BrmBackupManager

+-BrmBackupScheduler

+-BrmSingleEvent

A single scheduled backup event.

This construct can be used to configure a single (one-shot) scheduled backup event by specifying the desired date and time.

Attributes
`string key mandatory noNotification restricted`	`brmSingleEventId` The value component of the RDN.
`DateTime mandatory`	`scheduledTime` Scheduled time.

class BrmSingleEvent

class CapacityKey

..

+-SystemFunctions

+-Lm

+-CapacityKey

Key of a licensed capacity that is available for the Managed Element.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`capacityKeyId` The value component of the RDN.
`string readOnly`	`capacityUnit` The licensed capacity measuring unit.
`DateTime[0..1] readOnly`	`expiration` The key expiry date and time. For perpetual keys, the value is NULL.
`int32 readOnly`	`grantedCapacityLevel` The capacity level currently granted by the License Manager. The attribute value is based on requests and releases of capacity units made by License Users. If such requests and releases are not made by License Users, the value of the attribute defaults to the licensed capacity limit. Note: The value of the attribute is not based on Performance Management data.
`string[0..1] readOnly`	`keyId` Identity of the feature under license control. E.g., CXC4011234, FAT1021234
`LmCapacityValue readOnly`	`licensedCapacityLimit` Licensed capacity limit as defined in the installed key file. For LM deployments that connect to Arwa, the licensed capacity limit is defined in the Arwa License Server. For LM deployments that connect to NeLS, the licensed capacity limit is the capacity limit value granted by NeLS.
`boolean readOnly`	`licensedCapacityLimitReached` Indicates whether or not current capacity usage reaches the licensed capacity limit. Note: This attribute is not applicable for LM deployments that connect to NeLS.
`string readOnly`	`name` The name of the feature represented by the key.
`string[0..1] readOnly`	`productType` Identifier of the type of product to which the capacity is related. This attribute is used only in systems where the different applications use separate key files to identify which application or product the capacity belongs to, e.g. “SASN”, “GSN_GGSN”, “SSR 8000”.
`boolean[0..1] readOnly`	`shared = false` Indicates whether the key is shared among Managed Elements or dedicated to the Managed Element. A key is dedicated to the Managed Element if the key can be used only by the Managed Element. This is always the case when the ELIM format is used. A key can be shared among multiple Managed Elements if it is installed on a License Server to which multiple Managed Elements connect.
`DateTime readOnly`	`validFrom` The date and time from which the key is valid.
`string[0..1] readOnly`	`version` Version of licensed feature.

class CapacityKey

class CertM

..

+-SystemFunctions

+-SecM

+-CertM

+-CertMCapabilities [1..1]

+-EnrollmentAuthority [0..]

+-EnrollmentServerGroup [0..]

+-NodeCredential [0..]

+-TrustCategory [0..]

+-TrustedCertificate [0..]

The top class of the Certificate Management model.

Certificate management encompasses management of node credentials and trusted certificates.

This MO is created by the system.

References to:: TrustedCertificate;

Actions
`boolean`	`cancel ( );` Cancels an ongoing action on this MO. Can be invoked during execution of an action.
`boolean`	`installTrustedCertFromUri ( string uri , EcimPasswordString uriPassword , Fingerprint fingerprint );` Installs a trusted certificate from the specified Uniform Resource Identifier (URI). The action can be invoked if no other action in progress on this MO. The action returns immediately after invocation. The progress of the action can be tracked via the reportProgress attribute. The action returns with TRUE after successful invocation, otherwise it returns with FALSE. The generic URI syntax is defined by RFC 3986. Example: sftp://myuser@myhostname.ericsson.local/dir/subdir/certificate Example: http://myhostname.ericsson.local/dir/subdir/certificate Parameters Name: uri Description: This parameter contains a URI assumed to point to the certificate file. The generic URI syntax is defined by RFC 3986. Example: sftp://myuser@myhostname.ericsson.local/dir/subdir/certificate The URI must not contain any password. The password shall be provided in the second parameter of this action. The URI may be local relative (e.g. data/dir/subdir/file), or local absolute (e.g. file:///data/dir/subdir/file), or remote (e.g. sftp://user@hostname/dir/subdir/file) or remote relative (e.g. sftp://user@hostname/~/cert.pem). If the URI is local relative, the file is expected to be under the directory path indicated by the localFileStorePath attribute in the CertM MO. Name: uriPassword Description: The password section of the URI. If a password is not required, the 'NULL' string must be provided. Name: fingerprint Description: The Secure Hash Algorithm (SHA) fingerprint of the certificate to be installed. The fingerprint is checked against the fingerprint calculated on the installed file. If fingerprint verification is not required, the 'NULL' string has to be provided. The hash must be calculated by the SHA algorithm indicated in fingerprintSupport of the CertMCapabilities MO.
`boolean`	`removeTrustedCert ( TrustedCertificate trustedCert );` Removes a trusted certificate. Parameters Name: trustedCert Description: The DN of the TrustedCertificate MO to be removed.

Attributes
`string key mandatory noNotification restricted`	`certMId` The value component of the RDN.
`string[0..1] readOnly`	`localFileStorePath` Contains a file sytem path for locally stored certificates. The default directory path on the ME file system where certificates or credential containers are stored. It may store locally generated files or files generated after push download.
`AsyncActionProgress[0..1] readOnly`	`reportProgress` Reports the progress of the ongoing action on this MO.
`string[0..1]`	`userLabel` An additional descriptive text.

class CertM

class CertMCapabilities

..

+-SystemFunctions

+-SecM

+-CertM

+-CertMCapabilities

Contains the certificate management capabilities of the ME.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`certMCapabilitiesId` The value component of the RDN.
`EnrollmentSupport[1..] nonUnique noNotification readOnly`	`enrollmentSupport` Indicates the enrollment methods supported by the ME.
`FingerprintSupport[0..1] noNotification readOnly`	`fingerprintSupport` The secure hash algorithm the ME supports for fingerprint calculation. The attributes and parameters in the CertM model taking a fingerprint must be provided by calculating the fingerprint using the indicated algorithm.

class CertMCapabilities

class ClientSharedSecret

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusStack

+-SharedSecretMgr

+-ClientSharedSecretMgr

+-ClientSharedSecret

Client Shared Secret Configuration.

Attributes
`Ipv4Ipv6 mandatory`	`clientIPAddr` NAS client IP address, it may be IPv4 or IPv6. Takes effect: Immediately
`string key mandatory noNotification restricted`	`clientSharedSecretId` The value component of the RDN.
`string mandatory`	`sharedSecretValue` Shared Secret value related to the NAS client IP address. Takes effect: Immediately
`SharedSecretType`	`type = ALL` Specifies the client shared secret type. The default value is ALL. Takes effect: Immediately

class ClientSharedSecret

class ClientSharedSecretMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusStack

+-SharedSecretMgr

+-ClientSharedSecretMgr

+-ClientSharedSecret [0..]

Client Shared Secret Managerment.

Attributes
`string key mandatory noNotification restricted`	`clientSharedSecretMgrId` The value component of the RDN.

class ClientSharedSecretMgr

class CliSsh

..

+-SystemFunctions

+-SysM

+-CliSsh

Represents the CLI configuration management service over Secure Shell.

This MO is created by the system.

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state for the CLI target. When LOCKED all on-going CLI connections will immediately be terminated. NOTE: Setting the administrativState to LOCKED for all Netconf and CLI interfaces disables O&M access to the ME. Refer to product specific troubleshooting instructions to resolve such a scenario.
`string key mandatory noNotification restricted`	`cliSshId` The value component of the RDN.

class CliSsh

class CliTls

..

+-SystemFunctions

+-SysM

+-CliTls

Represents the CLI configuration management service over Transport Layer Security (TLS).

This MO is created by the system.

References to:: ManagedObject;

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state for the CLI target. When LOCKED all on-going cli connections will immediately be terminated. NOTE: Setting the administrativState to LOCKED for all Netconf and CLI interfaces disables O&M access to the ME. Refer to product specific troubleshooting instructions to resolve such a scenario.
`string key mandatory noNotification restricted`	`cliTlsId` The value component of the RDN.
`ManagedObject[0..1]`	`nodeCredential` The credential used for the CLI service. Specifies the DN of a NodeCredential MO in Certificate Management.
`ManagedObject[0..1]`	`trustCategory` The set of certificates trusted by the CLI service. Specifies the DN of a TrustCategory MO in Certificate Management.

class CliTls

class CoaFormat

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-DMCOAService

+-CoaFormatMgr

+-CoaFormat

COA format.

Attributes
`string key mandatory noNotification restricted`	`coaFormatId` The value component of the RDN.
`string mandatory`	`format` Specifies the format of CoA. The CoA message content, which includes some AVPs. The AVPs value are separated by comma. Syntax: expression := condition \| ', ' expression condition := avpname = value value := fixed value \| $SESSION • avpname: The attribute. It can be one of the following: User-Name, NAS-IP-Address, NAS-Port, Service-Type, Framed-Protocol, Framed-IP-Address, Framed-IP-Netmask, Framed-Routing, Filter-ID, Framed-MTU, Framed-Compression, Login-IP-Host, Login-Service, Login-TCP-Port, Reply-Message, Callback-Number, Callback-Id, Framed-Route, Framed-IPX-Network, State, Class, Vendor-Specific, Session-Timeout, Idle-Timeout, Termination-Action, Called-Station-Id, Calling-Station-Id, NAS-Identifier, Proxy-State, Login-LAT-Service, Login-LAT-Node, Login-LAT-Group, Framed-AppleTalk-Link, Framed-AppleTalk-Network, Framed-AppleTalk-Zone, Acct-Session-Id, Acct-Multi-Session-Id, Event-Timestamp, Egress-VLANID, Ingress-Filters, Egress-VLAN-Name, User-Priority-Table, NAS-Port-Type, Port-Limit, Login-LAT-Port, Tunnel-Type, Tunnel-Medium-Type, Tunnel-Client-Endpoint, Tunnel-Server-Endpoint, Tunnel-Password, ARAP-Features, ARAP-Zone-Access, Configuration-Token, Message-Authenticator, Tunnel-Private-Group-ID, Tunnel-Assignment-ID, Tunnel-Preference, Acct-Interim-Interval, NAS-Port-Id, Framed-Pool, Chargeable-User-Identity, Tunnel-Client-Auth-ID, Tunnel-Server-Auth-ID, NAS-Filter-Rule, NAS-IPv6-Address, Framed-Interface-Id, Framed-IPv6-Prefix, Login-IPv6-Host, Framed-IPv6-Route, Framed-IPv6-Pool, Delegated-IPv6-Prefix, ERICSSON-ACG-ID, ERICSSON-Authorization-Code • value: A fixed value or $SESSION. For example, GGSNCOA format value: Acct-Session-Id=$SESSION,ERICSSON-ACG-ID=$SESSION,ERICSSON-Authorization-Code="0 0 0 1" Takes effect: After next restart
`string mandatory`	`name` Specifies the name of COA format. For example, GGSNCOA. Takes effect: After next restart

class CoaFormat

class CoaFormatMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-DMCOAService

+-CoaFormatMgr

+-CoaFormat [0..]

COA format management.

Attributes
`string key mandatory noNotification restricted`	`coaFormatMgrId` The value component of the RDN.

class CoaFormatMgr

class ComputeResource

ManagedElement

+-Equipment

+-ComputeResource

Represents a compute resource (virtual or physical) that is allocated to the managed element.
This resource can be a piece of hardware or a VM provided by a virtualization infrastructure management system.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`computeResourceId` The value part of the RDN.
`string[1..] noNotification readOnly`	`macAddress` The MAC address(es) of the resource.
`string[0..1] noNotification readOnly`	`uuid` Universally unique identifier of the resource.

class ComputeResource

class ComputeResourceRole

..

+-SystemFunctions

+-SysM

+-CrM

+-ComputeResourceRole

Represents the service (defined by the role) provided by the compute resource.
Logically, an instance of this class represents the state of the software stack (operating system, middleware, and application) running on the compute resource.

This MO is created by the system.

References to:: ManagedObject;

Attributes
`AdmState[0..1]`	`adminState` Administrative state of compute resource role. Can be used to to temporarily stop services provided by the compute resource in a graceful fashion (e.g. for HW maintenance, etc.) While in LOCKED state, no services is provided until set to UNLOCKED.
`string key mandatory noNotification restricted`	`computeResourceRoleId` The value component of the RDN.
`InstantiationState[0..1] readOnly`	`instantiationState` Instantiation state of the compute resource role.
`OperState[0..1] readOnly`	`operationalState` Operational state of the compute resource role.
`ManagedObject[0..1]`	`provides` Reference to an instance of Role MO. This determines what role (which dictates what type of service) is provided by the compute resource. The role is identified by the Distinguished Name of the Role MO.
`ManagedObject[0..1] readOnly`	`uses` Reference to the compute resource which is used by this MO. The compute resource is identified by the Distinguished Name of the ComputeResource MO.

class ComputeResourceRole

class CrM

..

+-SystemFunctions

+-SysM

+-CrM

+-ComputeResourceRole [0..]

+-Role [0..]

The root class

This MO is created by the system.

Attributes
`AutoRoleAssignment[0..1]`	`autoRoleAssignment` Shows whether a role, if one exists, should be automatically assigned to newly detected compute resrouce(s).
`string key mandatory noNotification restricted`	`crMId` The value component of the RDN.

class CrM

class CSVEngineCommon

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AccountingService

+-CSVEngineCommon

For user to transfer the CSV files to a remote FTP server

Attributes
`string key mandatory noNotification restricted`	`csvEngineCommonId` The value component of the RDN.
`string noNotification readOnly`	`directory = /cluster/storage/no-backup/ipworks/logs` Directory to store the log files.
`uint8`	`fileSize = 2 { 1..10 }` Max size of each log file (MB). Unit: 1 MB Takes effect: Immediately
`IpworksLogLevel`	`level = LOG_LEVEL_ERROR` Log level Takes effect: Immediately
`uint8`	`maxLogs = 5 { 1..10 }` Max number of log files for current type. Unit: 1 entries Takes effect: Immediately

class CSVEngineCommon

class CSVFTPInformation

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AccountingService

+-CSVFTPInformation

This Managed Object Class is configured howto transfer the CSV files to a remote FTP server

Attributes
`string key mandatory noNotification restricted`	`csvFtpInformationId` The value component of the RDN.
`Ipv4Ipv6`	`ftpServerAddress = 127.0.0.1` The IP address of FTP server. This is only valid for FTP push method. Takes effect: After next restart
`Port`	`ftpServerPort = 21` The port of FTP server. This is only valid for FTP push method. Takes effect: After next restart
`FTPTransferMethod`	`mode = PULL_METHOD` IPWorks enables the user to transfer the CSV files to a remote FTP server if needed. Specifies the FTP transfer method of CSV File: PULL_METHOD PUSH_METHOD The settings of the other FTP Transfer parameters take effect only when this parameter is set to PUSH_METHOD. Takes effect: After next restart
`EcimPassword mandatory`	`password` The password of FTP server for the username. This is only valid for FTP push method. Takes effect: After next restart
`uint8`	`transferFileNum = 3 { 0..10 }` The number of files to push in one transaction. This is only valid for FTP push method. If the number of the CSV files stored in CSV Generator File Directory exceeds the configured value, only the configured number of the CSV files will be transferred. Takes effect: After next restart
`string`	`username = admin` The username of FTP server. This is only valid for FTP push method. Takes effect: After next restart

class CSVFTPInformation

class CsvGenerateMethod

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AccountingService

+-CsvGenerateMethod

This is Managed Object Class for user to set the accounting file generating method.

Attributes
`boolean`	`acctMessageReadable = false` The default value is false. If the value is true, the accounting message will be readable. Takes effect: After next restart
`string`	`csvBackupFileDir = /cluster/ipworks/cdr/csvbackup/` Specifies the CSV backup file directory. The default setting is /cluster/ipworks/cdr/csvbackup/. Takes effect: After next restart
`CSVFileGenerateRule`	`csvFileGenerateRule = FILE_SIZE` Specifies the CSV Generating file rules: FILE_SIZE FILE_RECORD_NUMBER TIME_INTERVAL FILE_SIZE_OR_TIME_INTERVAL The default value is FILE_SIZE . Takes effect: After next restart
`uint16`	`csvFileRecordNum = 2500 { 1..10000 }` Specifies the CSV file maximum record number. The range is 1-10000. The default value is 2500. Takes effect: After next restart
`uint8`	`csvFileSize = 10 { 1..20 }` Specifies the CSV file maximum size in megabytes. The range is 1-20. The default value is 10. If the file size set too small, it will slightly impact session based radius traffic. Takes effect: After next restart
`uint8`	`csvFileTimeInterval = 15 { 1..60 }` Specifies the CSV file time interval in minutes. The range is 1-60. The default value is 15. Unit: 1 minute Takes effect: After next restart
`string key mandatory noNotification restricted`	`csvGenerateMethodId` The value component of the RDN.
`string mandatory`	`csvGeneratorFileDir` Specifies the CSV Generated file directory. The default setting is /cluster/ipworks/cdr/payment/. Use different sub-folder for msgbase and CSV generator. Takes effect: After next restart
`uint16`	`csvPaymentBackupExpireTime = 10080` Specifies the CSV backup file expire time. Only for CSV generator. The default value is 10080 minutes. Unit: 1 minute Takes effect: After next restart
`string mandatory`	`csvPaymentTempFileDir` Specifies the temp file directory of CSV payment. Only for CSV generator. The default setting is /cluster/ipworks/cdr/temp/. Takes effect: After next restart
`Ipv4Ipv6`	`generatorEngineAddress = 127.0.0.1` Specifies the address of AAA CSV Generator. The default value is 127.0.0.1. Only for CSV generator. Takes effect: After next restart
`Port`	`generatorEnginePort = 56165` Specifies the port number of AAA CSV Generator. The value range is 50000-60000. Only for CSV generator. The default value is 56165. Takes effect: After next restart
`uint16`	`pkMaxFileRecordNum = 0` Specifies the accouting PK maximum file record number. The default value is 0, 0 means not limit. Takes effect: After next restart
`uint8`	`pkMaxFileSize = 2 { 1..20 }` Specifies maximum size of the PK file in megabytes. The range is 1-20. The default value is 2. Takes effect: After next restart

class CsvGenerateMethod

class CudbFunction

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-CudbManager

+-CudbFunction

CUDB functions.

Attributes
`uint8`	`busyRateThreshold = 2 { 0..100 }` The threshold value in percentage of busy response numbers (from cudb node) and ldap requests number (from IPWorks). When the real value exceeds this threshold value, IPWorks starts to discard Access-Request. The threshold value in percentage of the rate: number of LDAP_BUSY( received from CUDB) / number of queries (sent to CUDB).
`string key mandatory noNotification restricted`	`cudbFunctionId` The value component of the RDN.
`uint8`	`maxRejectRate = 95 { 0..100 }` The Max rate of rejecting or discarding Access-Request in CUDB overload protection situation.
`uint8`	`maxRetry = 3 { 0..5 }` Max retry of the polling.
`uint8`	`pollingInterval = 3 { 1..120 }` Polling interval per n seconds.
`uint8`	`rejectRateDownStep = 10` The step value in percentage used in continuous CUDB overload protection situation. The next rejection rate is the step value plus the previous rejection rate.
`uint8`	`rejectRateUpStep = 5` The step value in percentage used in recovery procedure from CUDB overload protection. The next rejection rate is the previous rejection rate minus the step value.
`uint8`	`timeWheelInterval = 1` The interval of the time wheel.
`uint8`	`timeWheelLength = 10` the length of time wheel.

class CudbFunction

class CudbManager

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-CudbManager

+-CudbFunction [1..1]

+-CudbServiceSite [0..]

CUDB connection management

Attributes
`string key mandatory noNotification restricted`	`cudbManagerId` The value component of the RDN.

class CudbManager

class CudbNode

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-CudbManager

+-CudbServiceSite

+-CudbSiteManager

+-CudbSite

+-CudbNode

CUDB node information

Attributes
`Ipv4Ipv6`	`address = 10.170.15.188` The IP address of the node.
`string key mandatory noNotification restricted`	`cudbNodeId` The name of the site. A site contains serveral nodes.
`string[0..1]`	`distinguishedName` distinguished name
`EcimPassword[0..1]`	`password` The password used by bind request.
`uint16`	`poolSize = 400` The number of TCP connection established with CUDB (default value 400).
`uint32`	`port = 389` The ldap listen port of CUDB node (default port 389).

class CudbNode

class CudbServiceSite

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-CudbManager

+-CudbServiceSite

+-CudbSiteManager [1..1]

+-LdapOption [1..1]

CUDB Service and Site configuration information.

Attributes
`string key mandatory noNotification restricted`	`cudbServiceSiteId` The value component of the RDN.

class CudbServiceSite

class CudbSite

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-CudbManager

+-CudbServiceSite

+-CudbSiteManager

+-CudbSite

+-CudbNode [0..]

A site contains several nodes.

Attributes
`string key mandatory noNotification restricted`	`cudbSiteId` The value component of the RDN.

class CudbSite

class CudbSiteManager

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-CudbManager

+-CudbServiceSite

+-CudbSiteManager

+-CudbSite [0..]

CUDB site management.

Attributes
`string key mandatory noNotification restricted`	`cudbSiteManagerId` The value component of the RDN.

class CudbSiteManager

class CustomRole

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthorizationMethod

+-CustomRole

Authorization roles defined by the MS that may be assigned to users.

CustomRole MO instances are associated to CustomRule MO instances, which define the access controls to objects.

References from:: CustomRule;
References to:: CustomRule;

Attributes
`string key mandatory noNotification restricted`	`customRoleId` The value component of the RDN.
`string mandatory restricted`	`roleName` The role name a user may have. The name must match a role name retrieved from the user information store.
`CustomRule[1..] nonUnique mandatory`	`rules` The rules of the role created by the MS. Contains the Distinguished Names of CustomRule MO instances.
`string[0..1]`	`userLabel` An additional descriptive text.

class CustomRole

class CustomRule

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthorizationMethod

+-CustomRule

The rules created by the MS that define the access control to objects.

The CustomRule MO instances are associated with CustomRole MO instances, which may be then applied to users.

References from:: CustomRole;
References to:: CustomRole;

Attributes
`string key mandatory noNotification restricted`	`customRuleId` The value component of the RDN.
`PermissionType mandatory`	`permission` Permission is the access right the rule provides on a target specified by the ruleData attribute.
`CustomRole[0..] nonUnique noNotification readOnly`	`reservedByRoles` The roles to which this rule is associated. Indicates the Distinguished Names of CustomRole MO instances that refer to this CustomRule MO.
`RuleDataType mandatory`	`ruleData` Defines the model elements for which the permission is applicable.
`string[0..1]`	`ruleName` The rule name.
`string[0..1]`	`userLabel` An additional descriptive text.

class CustomRule

class DataBaseInfo

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-CudbManager [0..1]

+-MySQLInfo [1..1]

DataBase connect information.

Attributes
`string key mandatory noNotification restricted`	`dataBaseInfoId` The value component of the RDN.

class DataBaseInfo

class DateAndTime

..

+-SystemFunctions

+-SysM

+-TimeM

+-DateAndTime

Local time and time zone values.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`dateAndTimeId` The value component of the RDN.
`DifferenceFromUTC[0..1] readOnly`	`dateTimeOffset` The offset in hours and minutes from UTC to local time.
`DateTime[0..1] noNotification readOnly`	`localDateTime` The local date and time of the ME. Local time is standard time in a time zone at a fixed offset from Coordinated Universal Time (UTC), possibly adjusted by Daylight Saving Time (DST) during part of the year.
`string[0..1]`	`timeZone` The time zone of the ME. A time zone is a region that has a uniform standard time. The string must match an entry in the ME’s time zone database, for example ‘Europe/Stockholm’.
`string[0..1] readOnly`	`tzRevision` The revision of the time zone database stored on the ME.

class DateAndTime

class DHCPServer

ManagedElement

+-IpworksFunction

+-IPWorksDHCPRoot

+-DHCPServer

+-DHCPv4Log [1..1]

+-DHCPv4TransactionLog [1..1]

Configuration for specific DHCP Server.

Attributes
`string key mandatory noNotification restricted`	`dhcpServerId` The value component of the RDN.
`Ipv4[0..1]`	`serverIdentifier` Specifies the traffic IP Address of the DHCPv4 server. Takes effect: After next restart

class DHCPServer

class DHCPServerManager

ManagedElement

+-IpworksFunction

+-IPWorksDHCPRoot

+-DHCPServerManager

Configuration for DHCP Server Manager

Attributes
`string key mandatory noNotification restricted`	`dhcpServerManagerId` The value component of the RDN.
`string[0..1]`	`directory = /cluster/storage/no-backup/ipworks/logs` Specifies the path of the log file. The default setting is /cluster/storage/no-backup/ipworks/log.
`uint32[0..1]`	`fileSize = 10 { 1..20 }` Configures the maximum log file size. The range is between 1 and 20. The unit is MB. And the default value is 10. Takes effect: Immediately
`uint16[0..1]`	`filesNumber { 1..20 }` Configures the maximum number of log files. The range is between 1 and 20. The default value is 10. Takes effect: Immediately
`IpworksLogLevel[0..1]`	`level = LOG_LEVEL_DISABLE` Specifies the severity of logging information that is recorded. LOG_LEVEL_DISABLE: Disable log level. LOG_LEVEL_FATAL/LOG_LEVEL_ERROR: Errors and Traces LOG_LEVEL_WARN: High level Server Manager activity LOG_LEVEL_INFO: High Level Network activity LOG_LEVEL_DEBUG: Network packets LOG_LEVEL_TRACE: All Each level includes the logging information that is lower than its severity. Takes effect: Immediately
`int16`	`maxLeaseQuery = 256 { 1..5000 }` Specifies the maximum number of leases that can be displayed. The value range is between 1 and 5000. The default value is 256. Takes effect: After next restart
`IpworksLogTimelyRotate[0..1]`	`timelyRotate = DISABLE` log rotation

class DHCPServerManager

class DHCPv4Log

ManagedElement

+-IpworksFunction

+-IPWorksDHCPRoot

+-DHCPServer

+-DHCPv4Log

DHCP LOG configuartion

Attributes
`string key mandatory noNotification restricted`	`dhcpv4LogId` id of the MO
`string readOnly`	`directory = /cluster/storage/no-backup/ipworks/logs` Specifies the location of the DHCPv4 server log file. The default is /cluster/storage/no-backup/ipworks/logs/<PL-X>/. The current log file is ipworks_dhcpv4.log and the most recent files are ipworks_dhcpv4.log.0 to ipworks_dhcpv4.log.<max-1>. When the current log exceeds the size limit or a time restriction, the algorithm performs as follows: -The ipworks_dhcpv4.log.<max-1> file is deleted. -The .0 to .<max-2> files are renamed as .1 to .<max-1> respectively. -The current file is closed and renamed to ipworks_dhcpv4.log.0. -A new ipworks_dhcpv4.log file is created.
`uint8`	`fileSize = 10 { 1..20 }` Specifies the maximum size of each log file. When this limit is exceeded, a new file is opened. The default is 10 MB. Takes effect: Immediately
`IpworksLogLevel`	`level = LOG_LEVEL_ERROR` Log level. Specifies the severity of logging information that is recorded. LOG_LEVEL_DISABLE: Disable log level. LOG_LEVEL_FATAL/LOG_LEVEL_ERROR: Errors and Traces. LOG_LEVEL_WARN: High level Server Manager activity. LOG_LEVEL_INFO: High Level Network activity. LOG_LEVEL_DEBUG: Network packets. LOG_LEVEL_TRACE: All. Each level includes the logging information that is lower than its severity. Takes effect: Immediately
`uint8`	`maxLogs = 10 { 1..20 }` Specifies the maximum number of log files retained. This excludes the current file, and limits the number of the most recent old log files retained (ipworks_dhcpv4.log.0 to ipworks_dhcpv4.log.<max-1>). The range is 1 to 20. The default value is 10. Takes effect: Immediately
`IpworksLogTimelyRotate`	`timeBasedLog = DISABLE` Specifies the time-based condition under which a new log file is created. The default value is DISABLE. DISABLE: No time-based condition. Only the size limit causes a new file to be created. This is the default value. HOURLY DAILY WEEKLY MONTHLY A new log file is created when either the time based condition occurs or the file size-limit is reached. Takes effect: Immediately

class DHCPv4Log

class DHCPv4Service

ManagedElement

+-IpworksFunction

+-IPWorksDHCPRoot

+-DHCPv4Service

Configuration for DHCP service. It's shared by all DHCP server.

Attributes
`string[0..1]`	`arguments` Specifies the Arguments that are used to start the server, which are as follows: -p : UDP port number. -d : Run the server as daemon. -f : Run the server as daemon. -cf : Specify the alternative configuration file and it's directory. -lf : Specify the lease file and its directory. -t : For testing. -T : For testing. -s : Specify the server name. -if0..ifN : Specify the number of interfaces. Takes effect: After next restart
`IpworksDhcpv4AuthLevel`	`authenticationLevel = NONE` Specifies the server authentication as follows: NONE : Authentication not supported. Only unauthenticated responses are sent even if clients require authentication. MANDATORY : Authentication is mandatory. Client must include the authentication option, and it must be valid. OPTIONAL : Authentication is optional. It depends on the client’s authentication option. Takes effect: After next restart
`string key mandatory noNotification restricted`	`dhcpv4ServiceId` The value component of the RDN.
`boolean`	`enableAutoReconfig = false` Enables (true) or disables (false) sending the automatic notification of FORCERENEW to the client, when the client is in the event of changing address range. It is disabled by default. Administrators can reconfigure manually from the IPWCLI if auto-reconfiguration is disabled. Changes other than address range need to be reconfigured manually. Takes effect: After next restart
`int32[0..1]`	`lowTPSThreshold { 0..3000 }` The value range is 0~3000. When the TPS under the threshold level, a low TPS alarm will be raised. 0 means disable the low TPS alarm.
`uint32`	`reconfigThreshold = 0 { 0..50000 }` Specifies the number of FORCERENEW notifications to be sent concurrently in the event of server reconfiguration. The default value is 0, which means all the clients will be sent notifications at once. This can increase the load on the network beyond its tolerance limit. Takes effect: After next restart

class DHCPv4Service

class DHCPv4TransactionLog

ManagedElement

+-IpworksFunction

+-IPWorksDHCPRoot

+-DHCPServer

+-DHCPv4TransactionLog

DHCPv4 server transaction log configuration

Attributes
`string key mandatory noNotification restricted`	`dhcpv4TransactionLogId` The value component of the RDN.
`string readOnly`	`directory = /var/ipworks/logs` Specifies the location of the DHCPv4 server transaction log file. The default directory is /var/ipworks/logs. The transaction files record significant events such as, addresses assigned to clients and server stops and starts. The current transaction log file is ipworks_dhcpv4_trans.log and the latest files are ipworks_dhcpv4_trans.log.0 to ipworks_dhcpv4_trans.log.<max-1>. When the current transaction log exceeds the size limit or a time restriction, the algorithm performed is as follows: The file ipworks_dhcpv4_trans.log.<max-1> file is deleted. The .0 to .<max-2> files are renamed as .1 to .<max-1> respectively. The current file is saved and renamed to ipworks_dhcpv4_trans.log.0. A new ipworks_dhcpv4_trans.log file is created. The transaction log will be cleared when server reboot.
`uint8[0..1]`	`fileSize = 1 { 1..20 }` Specifies the maximum size of each transaction log file. When this limit is exceeded, a new file is created. The default size is 1 MB. Takes effect: Immediately
`uint8`	`maxLogs = 10 { 1..20 }` Specifies the maximum number of transaction log files retained. It excludes the current file and limits the number of the most recent old transaction log files retained (ipworks_dhcpv4_trans.log.0 to ipworks_dhcpv4_trans.log.<max-1>). The range is 1 to 20. The default value is 10. Takes effect: Immediately
`IpworksLogTimelyRotate`	`timeBasedLog = DISABLE` Specifies the time-based condition under which a new transaction log file is created. The default value is DISABLE. DISABLE: No time-based condition. Only the size limit causes a new file to be created. This is the default value. HOURLY DAILY WEEKLY MONTHLY A new transaction log file is created when either the time-based condition occurs or the file size-limit is reached. Takes effect: Immediately

class DHCPv4TransactionLog

class DiameterAAAService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-AAAPKIService [1..1]

+-DynamicInfoQueryService [1..1]

+-EPCAAAService [1..1]

+-SES [1..1]

+-WiFiMMService [1..1]

All the diameter AAA services.

Attributes
`string key mandatory noNotification restricted`	`diameterAaaServiceId` The value component of the RDN.

class DiameterAAAService

class DiameterStack

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterStack

+-EirDomain [1..1]

+-HssDomain [1..1]

+-OtpdiaRoot [1..1]

Diameter stack configuration

Attributes
`string key mandatory noNotification restricted`	`diameterStackId` The value component of the RDN.
`string`	`otpdiaControllerDaemonEndpoints = 169.254.100.1:20001,169.254.100.2:20001` A NULL-terminated string containing a comma-separated list of <addr>:<port> (IPv4) or [<addr>]:<port> (IPv6), on which controller daemons are listening for connections from user processes. To contain the same address and port pairs that are passed with the --daemon-address and --daemon-port options of otpdia(1) when starting controller daemons.
`uint32`	`otpdiaPoolSize = 1 { 1..4294967295 }` The number of threads to be created in each thread pool.
`string[0..1]`	`otpdiaServiceDnEpcServer = otpdiaService=epc_aaa,otpdiaProduct=IPWorksAAA` Dn of OtpdiaService for epc_server
`string[0..1]`	`otpdiaServiceDnEpcSwx` Dn of OtpdiaService for epc_swx
`uint32`	`outgoingRequestTimeout = 2000` The number of milliseconds after which non-reception of an answer message Unit: 1 millisecond

class DiameterStack

class DiffServCategory

..

+-Transport

+-DiffServCategory

Differentiated Services Category

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`diffServCategoryId` Differentiated Services Category name
`uint8 mandatory`	`dscp { 0..63 }` DSCP integer value
`string[0..1]`	`source = dynamic` The source attribute indicates if the diffServCategory instance came from the configuration files, or was dynamically created. Filter: ldeHidden

class DiffServCategory

class DMCOAService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-DMCOAService

+-CoaFormatMgr [1..1]

+-DmFormatMgr [1..1]

This Managed Object Class is for DM and COA service configuration.

Attributes
`boolean`	`dmClearSessionImmediately = true` Determines whether the session will be cleared immediately when ACK message of DM is received from NAS. true: Clear the session immediately; false: Wait for Accounting Stop message to clear the session. Takes effect: After next restart
`uint32`	`dmCoaRetryCount = 3` Specifies the retry times for CoA/Disconnect request message before getting response. Takes effect: After next restart
`uint32`	`dmCoaRetryTimeout = 1` Specifies the timeout(in seconds) for resending CoA/Disconnect request message. Takes effect: After next restart
`string key mandatory noNotification restricted`	`dmCoaServiceId` The value component of the RDN.
`uint8`	`dmSessionExpireTime = 10 { 5..60 }` Specifies the expire time (in seconds) elapsed for the waiting of the Accounting Stop message after receiving the DM-ACK message. This parameter is only used when the "dmClearSesionImmediately" parameter was set to false. Unit: 1 second Takes effect: After next restart

class DMCOAService

class DmFormat

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-DMCOAService

+-DmFormatMgr

+-DmFormat

DM format.

Attributes
`string key mandatory noNotification restricted`	`dmFormatId` The value component of the RDN.
`string mandatory`	`format` Specifies the format of DM. The DM message content which includes some AVPs. The AVP values are separated by commas. Syntax: expression := condition \| ', ' expression condition := avpname = value value := fixed value \| $SESSION • avpname: The attribute. It can be one of the following: User-Name, NAS-IP-Address, NAS-Port, Reply-Message, Class, Vendor-Specific, Called-Station-Id, Calling-Station-Id, NAS-Identifier, Proxy-State, Acct-Session-Id, Acct-Terminate-Cause, Acct-Multi-Session-Id, Event-Timestamp, Message-Authenticator, NAS-Port-Id, Chargeable-User-Identity, NAS-IPv6-Address, Framed-IP-Address, Framed-IPv6-Prefix, Framed-interface-Id, 3GPP-Teardown-Indicator • value: A fixed value or $SESSION. For example, GGSNDM format value: Framed-IP-Address=$SESSION,Framed-IPv6-Prefix=$SESSION,Acct-Session-Id=$SESSION,3GPP-Teardown-Indicator=1 WIFIDM format value: User-Name=$SESSION,NAS-IP-Address=$SESSION,Acct-Session-Id=$SESSION,NAS-Identifier=$SESSION Takes effect: After next restart
`string mandatory`	`name` Specifies the name of DM format. For example, GGSNDM or WIFIDM. Takes effect: After next restart

class DmFormat

class DmFormatMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-DMCOAService

+-DmFormatMgr

+-DmFormat [0..]

DM format management.

Attributes
`string key mandatory noNotification restricted`	`dmFormatMgrId` The value component of the RDN.

class DmFormatMgr

class DnsLog

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-DnsServer

+-BindService

+-DnsLog

DNS logs relevant parameters.
The class DnsSmLog controls DNS Server's log generation.

Attributes
`string readOnly`	`directory = /cluster/storage/no-backup/ipworks/logs/` The directory where the log files are retained. Note: This parameter cannot be changed currently. The current log file is ipworks_dns.log and the most recent files are ipworks_dns.log.0 to ipworks_dns.log.<max-1>. When the current log exceeds the size limit or a time restriction, the following actions are performed: -- The ipworks_dns.log.<max-1> file is deleted. -- The .0 to .<max-2> files are renamed .1 to <max-1> respectively. -- The current file is closed and renamed to ipworks_dns.log.0. -- A new ipworks_dns.log file is created.
`string key mandatory noNotification restricted`	`dnsLogId` The identifier for the DNS Log.
`int32`	`fileSize = 10 { 1..20 }` The maximum size (Mb) of log file. It specifies the maximum size of each log file. When this limit is exceeded, a new file is opened. The default is 10 MB.The range is from 1 to 20 (MB). Note:The maximum disk space consumed by the log files is this parameter times (1 plus the maximum number of logs). With the default setting of 10 files and 10 MB, this means 110 MB of disk space. After change the Log Size, reload the DNS server manually to make it take effect.
`uint16`	`filesNumber = 10 { 1..20 }` Number of log files. The range is 1 to 20. The default value is 10. It specifies the maximum number of log files to be retained in addition to the current file. This limits the number of the most recent old log files retained (ipworks_dns.log.0 to ipworks_dns.log.<max-1>).
`DnsLogLevel`	`level = DNS_LOG_LEVEL_DISABLE` Log level. The default log level is DNS_LOG_LEVEL_DISABLE Only Two Log levels are supported in DNS Log, which are : --DNS_LOG_LEVEL_DEBUG : once it is selected, DNS Log is enabled and in debug log level --DNS_LOG_LEVEL_DISABLE : once it is selected, DNS Log is disabled For details of the Debug Log Level, refer to the attribute debugLogLevel in the MOC BindService. Note: Use debug logging only to diagnose problems. Turn it off during normal operation. This is because the log file grows rapidly when debugging is enabled. This will degrade server performance, especially at higher levels of debug logging.

class DnsLog

class DnsServer

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-DnsServer

+-BindService [1..1]

+-DnsSm [1..1]

DNS Server consist of DNS Server and DNS Server Manager.

Attributes
`string key mandatory noNotification restricted`	`dnsServerId` Identifier of the DNS server.

class DnsServer

class DnsSm

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-DnsServer

+-DnsSm

+-DnsSmLog [1..1]

Controls the DNS Server Manager on the host machine.

Attributes
`string key mandatory noNotification restricted`	`dnsSmId` The identifier of the DNS Server Manager.
`string`	`ssAddress = ipw_ss` Specifies the IP address or the fully qualified domain name of the host running the Storage Server. Users are recommended to use the IP address because it works when DNS servers are unavailable. Note: The value can be changed when the Server Manager is running, but it will not take effect unless Server Manager is reloaded.
`EcimPassword mandatory`	`ssPassword` Specifies the password for the Storage Server username account. The password is case sensitive Note: The value can be changed when the Server Manager is running, but it will not take effect unless Server Manager is reloaded.
`string`	`ssUserName = admin` Specifies the user name that the Server Manager uses to log on to the Storage Server. This is either the admin account set up during IPWorks installation or some other user having administrator rights. Note: The value can be changed when the Server Manager is running, but it will not take effect unless Server Manager is reloaded.

class DnsSm

class DnsSmLog

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-DnsServer

+-DnsSm

+-DnsSmLog

The class DnsSmLog controls DNS Server Manager's log generation.

Attributes
`string restricted`	`directory = /cluster/storage/no-backup/ipworks/logs` The directory where the log files are retained. Note: This parameter cannot be changed currently.
`string key mandatory noNotification restricted`	`dnsSmLogId` The identifier for the DNS Server Manager Log.
`uint32`	`fileSize = 10 { 1..20 }` This is the maximum allowable size for log files, specified in MB. When a file grows larger than the maximum file size, it will be closed and a new file will be generated.
`uint16`	`filesNumber = 10 { 1..20 }` The type of messages to write to the DNSSM logs. When it is set to LOG_LEVEL_DISABLE, no log is generated.
`IpworksLogLevel`	`level = LOG_LEVEL_DISABLE` Log Level
`IpworksLogTimelyRotate`	`timelyRotate = DISABLE` The frequency of creating a new log depends on the configured time interval.

class DnsSmLog

class DnsTransLog

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-DnsServer

+-BindService

+-DnsTransLog

IPWorks DNS Transaction log relevant parameters.

Attributes
`string[0..1] readOnly`	`directory = /cluster/storage/no-backup/ipworks/logs` Transaction Log Directory,specifies the location of the DNS Server transaction log file. Note: This parameter cannot be changed currently. The transaction files record significant events such as, addresses assigned to clients and server stops and starts. The current transaction log file is ipworks_dns_trans.log and the most recent files are ipworks_dns_trans.log.0 to ipworks_dns_trans.log.<max-1>. When the current transaction log exceeds the size limit or a time restriction, the following actions are performed: -The ipworks_dns_trans.log.<max-1> file is deleted. -The .0 to .<max-2> files are renamed .1 to .<max-1> respectively. -The current file is closed and renamed ipworks_dns_trans.log.0. -A new ipworks_dns_trans.log file is created. Note: This parameter cannot be changed currently.
`string key mandatory noNotification restricted`	`dnsTransLogId` The identifier for the DNS Transaction Log.
`int32`	`fileSize = 1 { 1..20 }` Transaction Log Size (1-20) MB,specifies the maximum size of each transaction log file. When this limit is exceeded, a new file is opened. The default is 1 MB. The range is from 1 to 20 (MB). The maximum disk space consumed by the log files is this parameter times (1 plus the maximum number of transaction logs, as specified above). With the default setting of 10 files and 1 MB, this means 11 MB of disk space.
`int16`	`filesNumber = 10 { 1..20 }` Number of Transaction Log,specifies the maximum number of transaction log files to be retained in addition to the current file. This limits the number of the most recent old transaction log files retained (ipworks_dns_trans.log.0 to ipworks_dns_trans.log.<max-1>). The range is 1 to 20. The default value is 10.
`IpworksLogTimelyRotate`	`timelyRotate = DISABLE` Transaction Log Start ,specifies the time-based condition under which a new transaction log file is started. The values indicate the following: -- DISABLE = No timely based condition (only the size limit causes a new file to be created). This is the default. -- HOURLY = Hourly: a new transaction log is created on the hour. -- DAILY = Daily, a new transaction log is created at the start of the day (00:00:00 Universal Time). -- WEEKLY = Weekly, a new transaction log is created at the start of a new week (Sunday morning). -- MONTHLY = Monthly, a new transaction log is created at the start of a new month. A new transaction log file is created when either the time-based condition occurs or the size limit of the file is reached.

class DnsTransLog

class DynamicInfoQueryService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-DynamicInfoQueryService

Dynamic information query service

Attributes
`string[0..1]`	`authorizedHost` Dynamic Info Query authorized host Takes effect: Immediately
`string key mandatory noNotification restricted`	`dynamicInfoQueryServiceId` The value component of the RDN.
`boolean`	`enable = false` Enable or disable Dynamic Info Query Service. - false : disable(default) - true : enable Takes effect: Immediately

class DynamicInfoQueryService

class EapAKA

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AuthMethodControl

+-EapMethodControl

+-EapAKA

This Managed Object Class is for EAP AKA method control.

Attributes
`string key mandatory noNotification restricted`	`eapAKAId` The value component of the RDN.
`boolean`	`enable = true` Specifies whether EAP-AKA is enabled. The default value is true. Takes effect: After next restart
`boolean`	`failedNotification = false` Specifies whether EAP notification is triggered. Takes effect: After next restart
`uint8`	`fastReauthMaxCounter = 5` EAP-AKA Fast Reauth Max Counter, the default value is 5. Takes effect: After next restart
`string mandatory`	`identityFormat` Specifies the regular expression of Identity format. The default value is "^[024].+" Takes effect: After next restart
`uint8`	`requestVectorNum = 5` Specifies the request Vector number of EAP-AKA. The default value is 5. Takes effect: After next restart

class EapAKA

class EapAkaConfig

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-EPCAAAService

+-EapAkaConfig

Authentication method control

Attributes
`string key mandatory noNotification restricted`	`eapAkaConfigId` The value component of the RDN.
`boolean`	`enableAuthSuccessIndication = false` Enable or disable Authentication Success Indication: 0: disable 1: enable The default value is 0. If it is enabled, AAA server sends EAP-Request/Notification(Success) before EAP-Success to Access Network. Takes effect: Immediately
`boolean`	`enablePseudonymAuthentication = false` Enable or disable Authentication using Pseudonym Identity: 0: disable 1: enable The default value is 0. Takes effect: Immediately
`uint16`	`fastIdentityExpirationTime = 300 { 30..2880 }` Set the expiration-time of fast identity (in minutes). The default value is 300 minutes(5 hours). Unit: 1 minutes Takes effect: Immediately
`boolean`	`identityWithMacAddress = false` Identity with Mac Address Takes effect: Immediately
`uint8`	`maxFastReauthNum = 0 { 0..16 }` Enable or disable the fast re-authentication after a full authentication: 0: disable fast re-authentication 1-16: enable fast re-authentication. The set value means how many times of fast re-authentications are allowed at most after a full authentication, for example, if the users set the value to 5, only five-time fast re-authentications are allowed after a full authentication, otherwise a new full authentication will be performed before triggering another round of fast re-authentication. The default value is 0. Unit: 1 entries Takes effect: Immediately
`uint8`	`mncLength = 2 { 2..3 }` Specifies the Mobile Network Code (MNC) length, and the default value is 2: 2: 2 digits 3: 3 digits Unit: 1 entries Takes effect: Immediately
`uint16`	`pseudonymIdentityExpirationTime = 2880 { 300..20160 }` Set the expiration-time of pseudonym identity (in minutes). The default value is 2880 minutes(48 hours). Unit: 1 minutes Takes effect: Immediately

class EapAkaConfig

class EapMD5

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AuthMethodControl

+-EapMethodControl

+-EapMD5

This Managed Object Class is for EAP-MD5 method control.

Attributes
`string key mandatory noNotification restricted`	`eapMD5Id` The value component of the RDN.
`boolean`	`enable = true` Specifies whether EAP-MD5 is enabled. The default value is true. Takes effect: After next restart
`boolean`	`failedNotification = false` Specifies whether EAP notification is triggered. Takes effect: After next restart
`boolean`	`needAuthorization = true` Specifies whether authorization is needed. Takes effect: After next restart

class EapMD5

class EapMethodControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AuthMethodControl

+-EapMethodControl

+-EapAKA [1..1]

+-EapMD5 [1..1]

+-EapMethodSelector [1..1]

+-EapSIM [1..1]

This Managed Object Class is for EAP Method Control.

Attributes
`string key mandatory noNotification restricted`	`eapMethodControlId` The value component of the RDN.

class EapMethodControl

class EapMethodSelector

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AuthMethodControl

+-EapMethodControl

+-EapMethodSelector

This Managed Object Class is for EAP Auth Method Selector.

Attributes
`EAPMethod`	`defaultEap = EAP_METHOD_MD5` Specifies the default auth method used when no Identity CompareRegexp or database is matched. The default value is EAP_METHOD_MD5 . Takes effect: After next restart
`string key mandatory noNotification restricted`	`eapMethodSelectorId` The value component of the RDN.
`EAPAuthSelectMode`	`mode = IDENTITY_ONLY` Specifies the EAP auth select mode: DATABASE_ONLY IDENTITY_ONLY IDENTITY_FIRST DATABASE_FIRST The default value is IDENTITY_ONLY. Takes effect: After next restart

class EapMethodSelector

class EapSIM

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AuthMethodControl

+-EapMethodControl

+-EapSIM

This Managed Object Class is for EAP SIM method control.

Attributes
`string key mandatory noNotification restricted`	`eapSIMId` The value component of the RDN.
`boolean`	`enable = true` Specifies whether EAP-SIM is enabled. The default value is true. Takes effect: After next restart
`boolean`	`failedNotification = false` Specifies whether EAP notification is triggered. Takes effect: After next restart
`uint8`	`fastReauthMaxCounter = 5` EAP-SIM Fast Reauth Max Counter, the default value is 5. Takes effect: After next restart
`string`	`identityFormat = ^[135].+` Specifies the regular expression of Identity format. The default vaue is "^[135].+" Takes effect: After next restart
`uint8`	`requestVectorNum = 5` Specifies the request Vector number of EAP-SIM. The default value is 5. Takes effect: After next restart
`uint8`	`requiredVectorNum = 3` AKA-SIM Required Vector Number. For UE IPhone, the required Vector must be 3. Takes effect: After next restart

class EapSIM

class EapTlsConfig

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-AAAPKIService

+-EapTlsConfig

EAP-TLS configuration

Attributes
`string key mandatory noNotification restricted`	`eapTlsConfigId` The value component of the RDN.
`boolean`	`sessCacheEnable = false` Determine if session resumption is used.
`uint32`	`sessCacheSize = 1000` Determine the size of session resumption..
`uint32`	`sessCacheTimeout = 3600` Whenever a new session is created, it is assigned a maximum lifetime. This lifetime is specified by storing the creation time of the session and the timeout value valid at this time. If the actual time is later than creation time plus timeout, the session is not reused. Unit: 1 second

class EapTlsConfig

class EirDomain

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterStack

+-EirDomain

EIR domain information

Attributes
`string key mandatory noNotification restricted`	`eirDomainId` The value component of the RDN.
`string`	`eirRealm = eir.ericsson.se` EIR Dest-Realm information Takes effect: Immediately

class EirDomain

class EmergencyUnlock

..

+-SystemFunctions

+-Lm

+-EmergencyUnlock

Emergency Unlock state information.

This MO is created by the system.

Actions
`boolean`	`activate ( );` Initiates activation of the Emergency Unlock operational mode. Return value is true if the activation succeeded, otherwise false.
`boolean`	`deactivate ( );` Initiates the deactivation of the Emergency Unlock operational mode. Return value is true in case the deactivation succeeded, false otherwise.

Attributes
`uint8 readOnly`	`activationsLeft` Remaining allowed Emergency Unlock activations left.
`LmActivationState readOnly`	`activationState` Activation state of Emergency Unlock.
`string key mandatory noNotification restricted`	`emergencyUnlockId` The value component of the RDN.
`DateTime[0..1] readOnly`	`expiration` Expiry date and time of Emergency Unlock. The value is NULL if the activation state is INACTIVE.

class EmergencyUnlock

class EnrollmentAuthority

..

+-SystemFunctions

+-SecM

+-CertM

+-EnrollmentAuthority

Represents a Certification or Registration Authority for certificate enrollment.

References from:: EnrollmentServer; NodeCredential;
References to:: TrustedCertificate;

Attributes
`AuthorityType[0..1]`	`authorityType` Indicates the type of the enrollment authority. Used for the verification of the Public Key Infrastructure (PKI) response message. In case of a Certification Authority (CA), the self-signed certificate of the CA is accepted by ME given that the certificate is configured either in attribute enrollmentCaCertificate or enrollmentCaFingerprint. In case of a Registration Authority (RA), the RA certificate is verified using the CA certificate of the RA configured in attribute enrollmentCaCertificate. This entity is deprecated as implemented redundant functionality. Deprecated: Deprecated in version 2.0. Redundant functionality.
`string key mandatory noNotification restricted`	`enrollmentAuthorityId` The value component of the RDN.
`DistinguishedName[0..1]`	`enrollmentAuthorityName` Specifies the name of the issuing CA. The X.501 distinguished name of the issuing CA used for addressing and reference identity.
`TrustedCertificate[0..1]`	`enrollmentCaCertificate` The trusted cerificate of the RA or CA used for enrollment authentication. Represents the certificate by the DN of the appropriate TrustedCertificate MO. The RA or CA certificate provided in the PKI response is authenticated by this trusted certificate.
`string[0..1]`	`userLabel` An additional descriptive text.

class EnrollmentAuthority

class EnrollmentServer

..

+-SystemFunctions

+-SecM

+-CertM

+-EnrollmentServerGroup

+-EnrollmentServer

Represents an enrollment server.

An enrollment server implements Simple Certificate Enrollment Protocol (SCEP) or the Certificate Management Protocol (CMP).

References to:: EnrollmentAuthority;

Attributes
`EnrollmentAuthority[0..1]`	`enrollmentAuthority` The Certification Authority or Registration Authority used by this enrollment server. Represents the enrollment authority by the DN of the EnrollmentAuthority MO. This entity is deprecated. If this attribute is specified, the enrollmentAuthority attribute in the NodeCredential MO referring to the EnrollmentServerGroup MO of this EnrollmentServer MO is ignored. Deprecated: Deprecated in version 2.0. Function replaced by enrollmentAuthority attribute in NodeCredential MOC.
`string key mandatory noNotification restricted`	`enrollmentServerId` The value component of the RDN.
`EnrollmentProtocol mandatory`	`protocol` The enrollment protocol.
`string mandatory`	`uri` The URI of the enrollment server. The URI consists of a protocol, an IP or DNS address and an optional port number. Specify the optional port designation by appending a colon followed by the port number to the host part, for example, 192.168.33.27:8080. If no port number is provided, the default port is used. Example for CMP: http://192.168.33.27:8080 or cmp://192.168.33.27
`string[0..1]`	`userLabel` An additional descriptive text.

class EnrollmentServer

class EnrollmentServerGroup

..

+-SystemFunctions

+-SecM

+-CertM

+-EnrollmentServerGroup

+-EnrollmentServer [0..]

Maintains a group of enrollment servers for load balancing.

References from:: NodeCredential;

Attributes
`string key mandatory noNotification restricted`	`enrollmentServerGroupId` The value component of the RDN.
`string[0..1]`	`userLabel` An additional descriptive text.

class EnrollmentServerGroup

class EnumFE

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumFE

+-EnumFELog [1..1]

ENUM front-end feature.

Attributes
`boolean[0..1]`	`enableEnumDnSchedCache = false` Determines whether cache EnumDnSched in local or not. Take effect: After ENUM server is restarted.
`boolean[0..1]`	`enableEnumFE = false` Determines whether to enable or disable the ENUM FE feature.Take effect: After ENUM server is restarted. Take effect: After ENUM server is restarted.
`[0..1]`	`enumDnRangeExpiration = 7` Specifies when cached EnumDnRange will be deleted automatically. The default value is 7 (days). Take effect: After ENUM server is restarted.
`[0..1]`	`enumDnSchedExpiration = 7` Specifies when cached EnumDnSched will be deleted automatically. The default value is 7 (days). Take effect: After ENUM server is restarted.
`string key mandatory noNotification restricted`	`enumFEId` The value component of the RDN.
`FailureReponseType[0..1]`	`handleLDAPFailure = NXDOMAIN` Used to define the LDAP failure response code.

class EnumFE

class EnumFELog

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumFE

+-EnumFELog

The class Log controls ENUMFE
Service log generation.

Attributes
`string`	`directory = /cluster/storage/no-backup/ipworks/logs` The directory where the log files are retained. Note: This parameter cannot be changed currently.
`uint32`	`fileSize = 10 { 1..20 }` The maximum allowable size for log files. (Unit:MB) When a file grows larger than the maximum file size, it will be closed and a new file will be generated.
`uint16`	`filesNumber = 5 { 1..20 }` The number of log files.
`IpworksLogLevel`	`level = LOG_LEVEL_ERROR` The log level.
`string key mandatory noNotification restricted`	`logId` The key attribute.
`IpworksLogTimelyRotate`	`timelyRotate = DISABLE` Specifies the time-based condition under which a new log file is started. DISABLE: No time-based condition (only the size-limit causes a new file to be created). This is the default. HOURLY: a new transaction log is created on the hour. DAILY: a new transaction log is created at the start of the day (00:00:00 Universal Time). WEEKLY: a new transaction log is created at the start of a new week (Sunday morning). MONTHLY: a new transaction log is created at the start of a new month. A new log file is created when either the time-based condition occurs or the file size limit is reached.

class EnumFELog

class EnumServer

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumServer

+-Erh [1..1]

+-Log [1..1]

IPWorks ENUM server.

Attributes
`string`	`dbConnectString = SC-1:1186` NDB Connection String (Primary) is domain name followed by port number, or IP address followed by port number. The default setting is SC-1:1186. Take effect: After ENUM server is restarted.
`string`	`dbConnectStringSecondary = SC-2:1186` NDB Connection String (Secondary) is domain name followed by port number, or IP address followed by port number. The default setting is SC-2:1186. Take effect: After ENUM server is restarted.
`boolean`	`dnsResolver = true` Determines whether to enable or disable the DNS Resolver Server. The default value is true.Take effect: After ENUM server is restarted.
`Ipv4Ipv6 readOnly`	`dnsResolverIPAddress = 127.0.0.1` DNS Server IP address, it should always be 127.0.0.1.
`uint16`	`dnsResolverPort = 5300 { 1..65535 }` DNS Server Port.Take effect: After ENUM server is restarted.
`string key mandatory noNotification restricted`	`enumServerId` The value component of the RDN.
`Ipv4Ipv6`	`ipv4Address = 0.0.0.0` Specifies the IPv4 address used by ENUM server to provide service.Take effect: After ENUM server is restarted.
`Ipv4Ipv6`	`ipv6Address = ::` Specifies the IPv6 address used by ENUM server to provide service. Take effect: After ENUM server is restarted.
`uint16`	`port = 53` ENUM Server Port [0-65535]. The default setting is 53. Take effect: After ENUM server is restarted.
`boolean`	`securitylog = false` Determines whether to enable or disable the security log. Take effect: After ENUM server is restarted.
`int32`	`threadCount = 50 { 1..50 }` ENUM Thread Count [1-50]. The default value is 50. Take effect: After ENUM server is restarted.

class EnumServer

class EPCAAAService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-EPCAAAService

+-EapAkaConfig [1..1]

+-EPCBehaviorControl [1..1]

+-EPCSessionControl [1..1]

+-EPCSWxThrottlingControl [1..1]

+-IMEICheck [1..1]

EPC AAA Service

Attributes
`string key mandatory noNotification restricted`	`epcAaaServiceId` The value component of the RDN.

class EPCAAAService

class EPCBehaviorControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-EPCAAAService

+-EPCBehaviorControl

EPC bebavior control

Attributes
`boolean`	`ASR_RARwithPrefix = true` ASR RAR with prefix Takes effect: Immediately
`uint8`	`authVectorNumber = 5 { 1..5 }` The requested Number of Authentication Vector, AVP: SIP-Number-Auth-Items Takes effect: Immediately
`boolean`	`enableIMSIMask = false` Determines whether to enable or disable the IMSI Mask. Take effect: Immediately.
`boolean`	`enableS6bAuthzWithoutProfile = false` Switch to enable the S6b authorization if without profile.
`string key mandatory noNotification restricted`	`epcBehaviorControlId` The value component of the RDN.
`boolean`	`getLatestUserProfile = false` Whether to get latest user profile or not. Takes effect: Immediately
`string mandatory`	`IMSIMaskDefaultKeyID` Default key identity of RSA private key. Take effect: Immediately.
`HSSFailoverSupportType[0..1]`	`includingHSSHostOption = ALL_SWX_REQUEST_WITH_DESTHOST_EXCEPT_MAR` The option determines whether the AVP Destination-Host (HSS) is included in the SWx requests.
`RedirectHostUsage`	`redirectHostUsage = DONT_CACHE` It is the usage of Redirect-Host in client: DONT_CACHE 0 The host specified in the Redirect-Host AVP SHOULD NOT be cached. This is the default value. When 0 (DONT_CACHE) is configured, IPWorks AAA will not include the Redirect-Host-Usage and Redirect-Max-Cache-Time AVPs in the reply message to the client. ALL_SESSION 1 All messages within the same session, as defined by the same value of the Session-ID AVP SHOULD be sent to the host specified in the Redirect-Host AVP. ALL_REALM 2 All messages destined for the realm requested SHOULD be sent to the host specified in the Redirect-Host AVP. REALM_AND_APPLICATION 3 All messages for the application requested to the realm specified SHOULD be sent to the host specified in the Redirect-Host AVP. ALL_APPLICATION 4 All messages for the application requested SHOULD be sent to the host specified in the Redirect-Host AVP. ALL_HOST 5 All messages that would be sent to the host that generated the Redirect-Host SHOULD be sent to the host specified in the Redirect-Host AVP. ALL_USER 6 All messages for the user requested SHOULD be sent to the host specified in the Redirect-Host AVP.
`uint64 mandatory`	`redirectMaxCacheTime { 0..71582788 }` It is the maximum number of minutes that the peer and route table entries, which are created based on the Redirect-Host, will be cached. The value range is 0~71582788 minutes, and you can configure it based on the actual needs. The configuration takes effective when Redirect Host Usage(0-6) is configured with a non-zero value.
`SARSAT[0..1]`	`sarSATypeforAuthenticatedUser = AAA_USER_DATA_REQUEST` SAR whether includes AVP SAT with AAA_USER_DATA_REQUEST or with REGISTRATION. The default value is AAA_USER_DATA_REQUEST. Take effect: Immediately.
`boolean`	`supportRARInS6b = false` Support RAR in S6b or not. Takes effect: Immediately

class EPCBehaviorControl

class EPCSessionControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-EPCAAAService

+-EPCSessionControl

EPC session control

Attributes
`uint32`	`authGracePeriod = 200 { 0..86400 }` The number of seconds the Diameter server will wait following the expiration of the Authorization-Lifetime AVP before cleaning up resources for the session. The value range is 0-86400. The default value is 200. Unit: 1 seconds Takes effect: Immediately
`uint16`	`authorizationLifetime = 1440 { 180..10080 }` The maximum number of minutes of service to be provided to the user before the user is to be re-authenticated and/or re-authorized. The value range is 180-10080 minutes, and the default value is 24 hours(1440 minutes). Unit: 1 minutes Takes effect: Immediately
`uint16`	`diameterSessionTimeout = 2880 { 60..10080 }` Set the timeout (in minutes) for the S6b, SWm, STa session, STa takes effect only when it is enabled by setting the parameter Enable session timeout for STa (0-1) to 1. The default is 2880 minutes(48 hours). Unit: 1 minutes Takes effect: Immediately
`boolean`	`enable_AuthGracePeriod_AuthorizationLifetime = false` Enable or disable Auth-Grace-Period and Authorization-Lifetime AVP in AAA, DEA message: 0: disable 1: enable The default value is 0. Takes effect: Immediately
`boolean`	`enableSTaSessionTimeout = false` Enable or disable STa session timeout: false: disable true: enable The default value is 0. Takes effect: Immediately
`string key mandatory noNotification restricted`	`epcSessionControlId` The value component of the RDN.
`SessionCapacityLicenseType`	`sessionCapacityLicenseType = Classic` EPC AAA session capacity license type

class EPCSessionControl

class EPCSWxThrottlingControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-EPCAAAService

+-EPCSWxThrottlingControl

EPC SWx Throttling Control setting.

Attributes
`string key mandatory noNotification restricted`	`epcSWxThrottlingControlId` The value component of the RDN.
`boolean`	`epcSWxThrottlingEnabled = false` Enable or disable EPC SWx Throttling function. false: disable true: enable
`uint32`	`rateLimitHighPriority = 50000` Specify the high priority threshold for SWx Throttling function. If the current SWx QPS is more than this value, IPWorks will throttle all SWx messages.
`uint32`	`rateLimitLowPriority = 30000` Specifies the low priority threshold for SWx Throttling function. If the current SWx QPS is more than this value, IPWorks will throttle the MAR message for new user initial session.

class EPCSWxThrottlingControl

class EPSSubscribedQoSProfile

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-AAAPKIService

+-AAAPKIAPNList

+-APN

+-EPSSubscribedQoSProfile

Group AVP: EPS-Subscribed-QoS-Profile

Attributes
`AllocationRetentionPriority[0..1]`	`allocationRetentionPriority` Group AVP : AllocationRetentionPriority
`string key mandatory noNotification restricted`	`epsSubscribedQoSProfileId` The value component of the RDN.
`uint16`	`QoSClassIdentifier = 1` QoS class identifier

class EPSSubscribedQoSProfile

class Equipment

ManagedElement

+-Equipment

+-ComputeResource [0..]

This is the Equipment MO.

Attributes
`string key mandatory noNotification restricted`	`equipmentId` Unique identifier for this object instance.
`string[0..1]`	`userLabel` User friendly name for equipment object.

class Equipment

class Erh

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumServer

+-Erh

+-ErhLdap [1..1]

+-ErhSs7 [1..1]

ERH feature.

Attributes
`boolean`	`discardErhFailure = false` Determines whether to discard the failure message reply from ERH. The default value is false. Take effect: After ENUM server is restarted.
`string key mandatory noNotification restricted`	`erhId` The value component of the RDN.
`boolean`	`ldap = false` Determines whether to enable the LDAP feature. The default value is false. Take effect: After ENUM server is restarted.
`MAPResponstNumberFormat[0..1]`	`MAPRespNumberFormat = COUNTRYCODEWITHDASHSEC` Routing number and IMISDN number format in ENUM response for MAP.
`boolean`	`nxdomainForNonPortedNumber = true` True: It means for a non-ported number, the ENUM server will return the NXDomain. False: It means for both ported and non-ported number, the ENUM server will return the the rn, imsi, and msisdn. This default value is true. Take effect: After ENUM server is restarted.
`boolean`	`rcseInterConnect = false` Determines whether to enable the RCSe interconnect feature. The default value is false. Take effect: After ENUM server is restarted.
`boolean`	`RNwithCountryCode = false` Routing number format in ENUM response for MAP 0 means using format CC+RN 1 means using format RN, it apply on the situation when RN already contain CC.
`int32`	`teTimer = 30 { 1..300 }` Specifies the timeout value of the ERH reply. The default value is 30. The range is 1 to 300. Take effect: After ENUM server is restarted.

class Erh

class ErhLdap

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumServer

+-Erh

+-ErhLdap

+-Log [1..1]

ERH over LDAP configuration.

Attributes
`boolean`	`cudbWithCountryCode = false` Determines whether the query carries country code to CUDB. False: It means the query does not carry country code to CUDB. Ture: It means the query carries country code to CUDB. Take effect: After ENUM server is restarted.
`string key mandatory noNotification restricted`	`erhLdapId` The value component of the RDN.
`string`	`logFileName = ipwerh_ldap.log` Specifies the log file name for ERH over LDAP feature. Take effect: After ENUM server is restarted.
`uint8`	`replyFormat = 1 { 1..2 }` The type of format will be used in the reply when the value of Service Parameter is set to E2U+pstn:sip. 1: It means the ENUM reply will contain the Sipnpdomain parameter 2: It means the ENUM reply will contain the sub-domain parameter Take effect: After ENUM server is restarted.
`ServiceParameter`	`serviceParameter = E2U+pstn:tel` Provides the service parameter value to construct the response for external legacy database query. The value is either "E2U+pstn:tel" or "E2U+pstn:sip". Take effect: After ENUM server is restarted.
`string[0..1]`	`sipNpDomain` The domain name of ENUM reply. It is available only when ServiceParameter is "E2U+pstn:sip" and replyFormat is set to 1. It can be any domain name string. When it is set to empty, the reply does not contain the Sipnpdomain part. Take effect: After ENUM server is restarted.
`string[0..1]`	`subDomain` The sub-domain of ENUM reply. It is available only when ServiceParameter is "E2U+pstn:sip", replyFormat is set to 2, and sipNpDomain is empty. Take effect: After ENUM server is restarted.

class ErhLdap

class ErhSs7

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumServer

+-Erh

+-ErhSs7

+-Log [1..1]

ERH over SS7 configuration.

Attributes
`uint8[0..1]`	`ainQualityOfService = 3 { 0..3 }` The Quality of Service (QoS) provides IPWorks with the ability to indicate the acceptable quality of the service provided by the underlying layers. The values can be 0, 1, 2 and 3. 0 means Quality of service not used. 1 means In-sequence delivery option. 2 means Message return option. 3 means Both in-sequence delivery and message return options. The default value is 3. Take effect: After ENUM server is restarted.
`CpInstanceId`	`cpInstanceId = PL-3:1\|PL-4:2` The instance ID of CP manager on the board where ERH deployed. If enableHA is true, the instance ID should be difference on each board. Take effect: After ENUM server is restarted. Obsolete:
`string`	`cpManager = ss7cafcpmaddress:6669` The SS7 MIP address and port number of SS7 CP manager. Take effect: After ENUM server is restarted.
`string[0..1]`	`cpManagerPeerHost = 127.0.0.1:6669` The address and port number of peer SS7 CP manager. If enableHA is true, this parameter should indicate the address and port of peer SS7 CP manager. Take effect: After ENUM server is restarted. Obsolete:
`boolean`	`enableCustomizedDigTable = false` Determines whether to use customized digit table. Take effect: After ENUM server is restarted.
`boolean`	`enableHA = true` If redundancy mode is required, then the stack must be configured as HA mode. Therefore, this attribute must be set to true. Take effect: After ENUM server is restarted. Obsolete:
`string key mandatory noNotification restricted`	`erhSs7Id` The value component of the RDN.
`boolean`	`formatFlag = false` To customize routing number format for INAP. Take effect: After ENUM server is restarted.
`ApplicationContexTypeEnum`	`inapApplicationContexType = CS1` The Application context Type that INAP uses. The value can be either CS1 or CS1PLUS. The default value is CS1. Take effect: After ENUM server is restarted.
`DigitTable`	`inapDigitTable = 0x0=0,0x1=1,0x2=2,0x3=3,0x4=4,0x5=5,0x6=6,0x7=7,0x8=8,0x9=9,0xA= ,0xB=b,0xC=c,0xD= ,0xE=` Digit table of INAP. Take effect: After ENUM server is restarted.
`boolean`	`inapFilterRNOfDestRoutingAddr = false` Filter RN from DestRoutingAddr, cut 15 digits to 6 digits for INAP. Take effect: After ENUM server is restarted.
`InterrogationType[0..1]`	`InterrogationType = BASIC` Indicates the type of interrogation of SRI message.
`string`	`logFileName = ipwerh.log` Specifies the log file name for ERH over SS7 featrue. Take effect: After ENUM server is restarted.
`DigitTable`	`mapDigitTable = 0x0=0,0x1=1,0x2=2,0x3=3,0x4=4,0x5=5,0x6=6,0x7=7,0x8=8,0x9=9,0xA=*,0xB=#,0xC=a,0xD=b,0xE=c` Digit table of MAP. Take effect: After ENUM server is restarted.
`MAPOperationType[0..1]`	`MAPMessage = MAP_ATI` Defines IPWorks ENUM NP support MAP operation type, SRI and ATI.
`Mcc3bitMncPair`	`mcc3bitMNCPAIR = 302-656\|374-130\|374-140\|714-020` All MCC-MNC pair, and MNC is 3 bit. IPWorks ERH only support to confiugre less than 30 MCC-MNC pair. Take effect: After ENUM server is restarted.
`MccWith3bitMnc`	`mccWith3bitMNC = 310\|311\|316\|334\|338\|342\|344\|346\|348\|365\|376\|708\|722\|732\|750` All MCC which only have 3 bit MNC. IPWorks ERH only support to confiugre less than 30 MNC. Take effect: After ENUM server is restarted.
`MSRNMode[0..1]`	`MSRNMode = NOFURTHERHANDLING` Indication of the mode used to handle MSRN returned from NPDB before sending it to ENUM.
`int32`	`numOfBindBEs = 10 { 1..10 }` The max number of BEs that ERH can bind to. Take effect: After ENUM server is restarted.
`int32`	`numOfErh = 10 { 1..10 }` In scalable configuration, the max number of Erh that system can support. Take effect: After ENUM server is restarted.
`int32[0..1]`	`remoteSSN = 0 { 0..255 }` ERH remote SSN. Take effect: After ENUM server is restarted.
`ReturnWholeMSRN[0..1]`	`returnWholeMSRN = RNONLY` Defines whether to return whole MSRN string or RN only.
`uint32[0..1]`	`RNLength = 4` Length of RN in MSRN string.

class ErhSs7

class EricssonFilter

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LdapAuthenticationMethod

+-Ldap

+-EricssonFilter

Provides configuration of features supported by the Ericsson LDAP schema.

This class must be used when profileFilter in Ldap MO is set to ERICSSON_FILTER.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`ericssonFilterId` The value component of the RDN.
`string[0..1]`	`roleAliasesBaseDn` LDAP DN to a subtree of objects that is used to convert alias roles to roles the ME understands. An option for authorization methods that implements Role Based Access Control. The value is an LDAP DN. The format of the DN for such an object is 'role=[role], roleAliasesBaseDn', where [role] must be replaced with the name of a role alias or role group. All these objects must be accessible from the base DN defined in this attribute. For example: if roleAliasesBaseDn = "dc=example,dc=com" and the user has role Admin, and the object "role=Admin,dc=example,dc=com" exists and has attribute ericssonUserAuthorizationScope = Administrator, the user receives the Administrator role.
`BasicAdmState`	`targetBasedAccessControl = LOCKED` Toggles Target Based Access Control. The User Management MO provides the <Target Type> strings of the ME. The TBAC authorization behavior is defined in the User Management MOC. The optional Ericsson LDAP-schema-specified attribute ericssonUserAuthenticationScope stores the targets where the user can be authenticated and authorized. It is a case-insensitive string of <Target Type>. The Ericsson target-type identifier, such as ‘bsc’, ‘cscf’, classifies the target type the user can access. The optional Ericsson LDAP-schema-specified attribute ericssonUserAuthorizationScope stores the authorization profiles of which the user is a member. It is a case-insensitive string of form <Target Type>:<Authorization Profile>, where ':' is a separator; <Target Type> is the Ericsson target-type identifier, such as ‘bsc’, ‘cscf’, and it classifies the target type for which the user acquires the <Authorization Profile>. <Authorization Profile> is the Ericsson application-defined profile, for example, a role. Attribute ericssonUserAuthenticationScope behavior: When TBAC is LOCKED in the ME, authentication and authorization are performed without TBAC. When TBAC is UNLOCKED in the ME and the user has a target-restricted authentication scope, authentication and authorization are performed when a match is found. If not, it fails. Attribute ericssonUserAuthenticationScope allows the use of wild-carded scope ('') to permit the user to be authorized on any ME based on its ericssonUserAuthorizationScope attribute. Attribute ericssonUserAuthorizationScope behavior: When TBAC is LOCKED in the ME, the authorization profiles without target qualifiers and with wildcard target qualifier ('') are assigned to the user from the user database. When TBAC is UNLOCKED in the ME, the authorization profiles with matching target qualifiers and with wildcard target qualifier are assigned to the user from the user database. Not using the Ericsson LDAP schema in the user accounts, or improper use of this schema causes authorization failure. For more details, refer to the Ericsson LDAP Interface Description. Example with roles: If the ME in User Management MOC is configured with 'cscf.ims.stockholm' and the LDAP user account contains: ericssonUserAuthenticationScope: cscf.ims.stockholm ericssonUserAuthenticationScope: cscf.ims.malmo ericssonUserAuthorizationScope: cscf.ims.stockholm:SystemAdministrator ericssonUserAuthorizationScope: cscf.ims.malmo:SystemSecurityAdministrator ericssonUserAuthorizationScope: *:ApplicationOperator Then given the LDAP user provided a correct password it is authenticated on the ME and assigned with role 'SystemAdministrator' and 'ApplicationOperator'.
`EricssonFilterVersion`	`version = 2` The selected version of the Ericsson filtering behavior. Version 1 is deprecated. Version 1 allows wildcarding of roles without any qualifier and it supports the use of '' character. Such syntax applies the given role on all targets: ericssonUserAuthorizationScope: ApplicationOperator ericssonUserAuthorizationScope: :ApplicationOperator Version 2 differentiates the wildcarding behavior depending on the value of attribute targetBasedAccessControl. When targetBasedAccessControl is LOCKED, both syntaxes are allowed and assigns the role to the user in the ME. When targetBasedAccessControl is UNLOCKED, it only allows the use of '*' character, but unqualified roles are ignored.

class EricssonFilter

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LdapAuthenticationMethod

+-Ldap

+-EricssonFilter

Provides configuration of features supported by the Ericsson LDAP schema.

This class must be used when profileFilter in Ldap MO is set to ERICSSON_FILTER.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`ericssonFilterId` The value component of the RDN.
`LdapDistinguishedName[0..1]`	`roleAliasesBaseDn` LDAP DN to a subtree of objects that is used to convert alias roles to roles the ME understands. An option for authorization methods that implements Role Based Access Control. The value is an LDAP DN. The format of the DN for such an object is 'role=[role], roleAliasesBaseDn', where [role] must be replaced with the name of a role alias or role group. All these objects must be accessible from the base DN defined in this attribute. For example: if roleAliasesBaseDn = "dc=example,dc=com" and the user has role Admin, and the object "role=Admin,dc=example,dc=com" exists and has attribute ericssonUserAuthorizationScope = Administrator, the user receives the Administrator role.
`BasicAdmState`	`targetBasedAccessControl = LOCKED` Toggles Target Based Access Control. The User Management MO provides the <Target Type> strings of the ME. The TBAC authorization behavior is defined in the User Management MOC. The optional Ericsson LDAP-schema-specified attribute ericssonUserAuthenticationScope stores the targets where the user can be authenticated and authorized. It is a case-insensitive string of <Target Type>. The Ericsson target-type identifier, such as ‘bsc’, ‘cscf’, classifies the target type the user can access. The optional Ericsson LDAP-schema-specified attribute ericssonUserAuthorizationScope stores the authorization profiles of which the user is a member. It is a case-insensitive string of form <Target Type>:<Authorization Profile>, where ':' is a separator; <Target Type> is the Ericsson target-type identifier, such as ‘bsc’, ‘cscf’, and it classifies the target type for which the user acquires the <Authorization Profile>. <Authorization Profile> is the Ericsson application-defined profile, for example, a role. Attribute ericssonUserAuthenticationScope behavior: When TBAC is LOCKED in the ME, authentication and authorization are performed without TBAC. When TBAC is UNLOCKED in the ME and the user has a target-restricted authentication scope, authentication and authorization are performed when a match is found. If not, it fails. Attribute ericssonUserAuthenticationScope allows the use of wild-carded scope ('') to permit the user to be authorized on any ME based on its ericssonUserAuthorizationScope attribute. Attribute ericssonUserAuthorizationScope behavior: When TBAC is LOCKED in the ME, the authorization profiles without target qualifiers and with wildcard target qualifier ('') are assigned to the user from the user database. When TBAC is UNLOCKED in the ME, the authorization profiles with matching target qualifiers and with wildcard target qualifier are assigned to the user from the user database. In addition, role aliases are accepted also without a target qualifier. Not using the Ericsson LDAP schema in the user accounts, or improper use of this schema causes authorization failure. For more details, refer to the Ericsson LDAP Interface Description. Example with roles: If the ME in User Management MOC is configured with 'cscf.ims.stockholm' and the LDAP user account contains: ericssonUserAuthenticationScope: cscf.ims.stockholm ericssonUserAuthenticationScope: cscf.ims.malmo ericssonUserAuthorizationScope: cscf.ims.stockholm:SystemAdministrator ericssonUserAuthorizationScope: cscf.ims.malmo:SystemSecurityAdministrator ericssonUserAuthorizationScope: *:ApplicationOperator Then given the LDAP user provided a correct password it is authenticated on the ME and assigned with role 'SystemAdministrator' and 'ApplicationOperator'.
`EricssonFilterVersion`	`version = 2` The selected version of the Ericsson filtering behavior. Version 1 is deprecated. Version 1 allows wildcarding of roles without any qualifier and it supports the use of '' character. Such syntax applies the given role on all targets: ericssonUserAuthorizationScope: ApplicationOperator ericssonUserAuthorizationScope: :ApplicationOperator Version 2 differentiates the wildcarding behavior depending on the value of attribute targetBasedAccessControl. When targetBasedAccessControl is LOCKED, both syntaxes are allowed and assigns the role to the user in the ME. When targetBasedAccessControl is UNLOCKED, it only allows the use of '*' character, but unqualified roles are ignored.

class EricssonFilter

class Evip

..

+-Transport

+-Evip

+-EvipAlbs [1..1]

+-EvipDeclarations [1..1]

+-EvipParams [1..1]

+-EvipPortRanges [1..1]

+-EvipSelectionPolicies [1..1]

+-EvipXfrmSelectionPolicies [1..1]

Top class for EVIP Configuration

Attributes
`string key mandatory noNotification restricted`	`evipId` The version of Evip config

class Evip

class EvipAlb

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipErsipParams [1..1]

+-EvipFees [1..1]

+-EvipFlowPolicies [1..1]

+-EvipLbes [1..1]

+-EvipSes [1..1]

+-EvipTargetPools [1..1]

+-EvipVips [1..1]

Defines an Abstract Load Balancer (ALB).

Actions
`void`	`activate ( );` Activates the ALB. The activation may fail if the ALB configuration is invalid. The current state can be examined in the "state" attribute.
`void`	`inactivate ( );` Inactivates the ALB.
`void`	`reloadike ( );` Send reload command to the IKE agent.

Attributes
`string[0..]`	`commands` Deprecated. An array of commands that are executed when the ALB is activated. The commands are referred by their identity specified in the EvipCommandDefinition. The commands are preceded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher. The commands are executed on all LBEs, FEEs in the ALB. Deprecated: Deprecated in eVIP 2.3
`string key mandatory noNotification restricted`	`evipAlbId` The RDN attribute. Must be a unique name selected by the operator.
`string[0..1]`	`ipsecServiceIp` This is an IPv6 address for internal use in eVIP (one per ALB). The eVIP system administrator must make sure this IP does not collide with anything else in the system. If this value is not provided then eVIP uses an internally calculated value.
`string[0..1]`	`ipvsTcpfinTimeout = 120` This timeout value (in seconds) is used for IPVS connections, for TCP sessions after receiving a FIN packet. The default value is 120. For more information see manual page of IPVS (IP Virtual Server).
`string[0..1]`	`ipvsTcpTimeout = 9000` This timeout value (in seconds) is used for IPVS connections, for TCP sessions in ESTABLISHED state. The default value is 9000. For more information see manual page of IPVS (IP Virtual Server).
`string[0..1]`	`ipvsUdpTimeout = 120` This timeout value (in seconds) is used for IPVS connections, for UDP packets. The default value is 120. For more information see manual page of IPVS (IP Virtual Server).
`string[0..1]`	`lbeHash = 2-tuple` Defines the hash algorithm for traffic distribution to Load Balancing Elements (LBE). Valid settings; 2-tuple \| 5-tuple 2-tuple is default. Protocol ports are not included and hence all traffic between a src,dest address pait will pass the same LBE. 5-tuple hashing will include protocol port and traffic from a specific source will be distributed between available LBE's. HOWEVER THERE IS A PRICE TO PAY; 5-tuple distribution will exclude some important features such as; - IPSec - "Strict" traffic distribution - Traffic bundling
`string[0..1]`	`numIpsecKeys = 256` Number of units (keys) used for SE connection distribution. Must be a power of 2. This value should be several times higher than the number of SEs but a too high value will slow down reconfiguration on an SE failure. The default is 256 and will do nicely for most cases.
`string`	`numKeys = 256` Number of units (keys) used for connection distribution. Must be a power of 2. This value should be several times higher than the number of LBEs but a too high value will slow down reconfiguration on an LBE failure. The default is 256 and will do nicely for most cases.
`string[0..1]`	`private = no` <p>Private ALB contains IP configuration that may overlap with other ALBs. Default value is "no".</p>
`string[0..1]`	`serviceIp` This is an IPv6 address for internal use in eVIP (one per ALB). The eVIP system administrator must make sure this IP does not collide with anything else in the system. If this value is not provided then eVIP uses an internally calculated value.
`string[0..1] readOnly`	`state` This is the state of the ALB. The state can be "ACTIVE" or "INACTIVE".
`string[0..1]`	`udpEncapsulationPort = 0` Optional port number used for UDP encapsulation of IPsec packets, aka NAT traversal. If the value is 0 or the attribute is omitted, NAT-T is disabled. Recommended value is 4500 if not 0.

class EvipAlb

class EvipAlbs

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb [0..]

Container class for Abstract Load Balancers (ALBs).

Attributes
`string[0..]`	`commands` DEPRECATED An array of commands that are executed on all ALBs when they are activated. The commands are referred by their identity specified in the EvipCommandDefinition. The commands are preceded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher. The commands are executed on all LBEs, FEEs and payload nodes in all ALBs. Deprecated: Planned to be deleted.
`string key mandatory noNotification restricted`	`evipAlbsId` The RDN attribute. Always "1".

class EvipAlbs

class EvipCluster

..

+-Transport

+-Evip

+-EvipDeclarations

+-EvipCluster

+-EvipNode [0..]

Describes the cluster where EVIP is running.

Attributes
`string[0..]`	`commands` An array of commands that are executed on all nodes when EVIP starts. The commands are referred by their identity specified in the EvipCommandDefinition. The commands are preceded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string[0..]`	`commandsForAllUndesignated` An array of commands that are executed on all undesignated nodes when EVIP starts. The commands are referred by their identity specified in the EvipCommandDefinition. The commands are preceded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string key mandatory noNotification restricted`	`evipClusterId` RDN Attribute. Always "1".
`string[0..1]`	`macvlanLinkLocalRangeStart = fe80::200:ff:feff:1` The MAC addresses are generated at random. For large clusters the probability for collisions becomes too high. Instead a range is used with this base address plus the node-id.
`string`	`primaryInterface = bond0` Names the interface to use for EVIP traffic. This interface should be redundant in some way for instance with bonding.

class EvipCluster

class EvipCommand

..

+-Transport

+-Evip

+-EvipDeclarations

+-EvipCommandDefinition

+-EvipCommand

Defines a command to be used as a startup command. Startup commands may be defined at many places in the EVIP configuration. The actual shell command is defined here and is referred by its identity from other places.

Attributes
`string mandatory`	`command` This is the shell command to execute.
`string key mandatory noNotification restricted`	`evipCommandId` The RDN attribute. This identity is used as reference at other places in the EVIP configuration when the command is used.

class EvipCommand

class EvipCommandDefinition

..

+-Transport

+-Evip

+-EvipDeclarations

+-EvipCommandDefinition

+-EvipCommand [0..]

Container class for all command definitions.

Attributes
`string key mandatory noNotification restricted`	`evipCommandDefinitionId` The RDN attribute. Always "1".

class EvipCommandDefinition

class EvipDeclarations

..

+-Transport

+-Evip

+-EvipDeclarations

+-EvipCluster [0..1]

+-EvipCommandDefinition [0..1]

Container class for generic EVIP declarations.

Attributes
`string key mandatory noNotification restricted`	`evipDeclarationsId` The RDN attribute. Always "1".

class EvipDeclarations

class EvipErsipParams

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipErsipParams

+-EvipParam [0..]

Container for the ALB specific RSIP parameters.

Attributes
`string key mandatory noNotification restricted`	`evipErsipParamsId` RDN attribute. Always "1".

class EvipErsipParams

class EvipFee

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipFees

+-EvipFee

+-EvipRoutingSetup [0..]

+-EvipSupervisedRemoteGateway [0..]

Defines a Front End Element (FEE).

Actions
`void`	`activate ( );` Deprecated. Activates the FEE. The FEE must be activated after the routing parameters have been updated. The current state can be examined in the "state" attribute. Deprecated: Deprecated in eVIP 2.1
`void`	`inactivate ( );` Deprecated. Inactivates the FEE. The FEE must be inactive when routing parameters are updated. The current state can be examined in the "state" attribute. Deprecated: Deprecated in eVIP 2.1

Attributes
`string[0..]`	`commands` An array of commands that are executed on the FEE when the containing ALB is activated. The commands are referred by their identity specified in the EvipCommandDefinition. The commands are preceded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string key mandatory noNotification restricted`	`evipFeeId` The RDN attribute. A unique name within the ALB.
`string mandatory`	`externalInterface` The name of the interface to the external DCN. The interfaces may have a appended VLAN tag, for instance "eth3.4711".
`string[0..1]`	`extIfBridging = 1` Default true. Indicate if a bridged interface shall be used in the FEE. If set to false the nic-interface (e.g. "eth1") will be moved into the FEE container and will become invisible in the main name space. This attribute shall be set to false when bridging external interfaces is not allowed, e.g. some cloud environments.
`string mandatory`	`node` The node-id of the node where the FEE is executing.
`string[0..1] readOnly`	`state` The state of the FEE. May be ACTIVE or INACTIVE.

class EvipFee

class EvipFees

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipFees

+-EvipFee [0..]

Container class for Front End Elements (FEEs).

Attributes
`string[0..]`	`commands` An array of commands that are executed on all FEEs when the containing ALB is activated. The commands are referred by their identity specified in the EvipCommandDefinition. The commands are preceded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string key mandatory noNotification restricted`	`evipFeesId` The RDN Attribute. Always "1".

class EvipFees

class EvipFlowPolicies

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipFlowPolicies

+-EvipFlowPolicy [0..]

Container Class for Flow Policies.

Attributes
`string key mandatory noNotification restricted`	`evipFlowPoliciesId` The RDN attribute. Always "1".

class EvipFlowPolicies

class EvipFlowPolicy

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipFlowPolicies

+-EvipFlowPolicy

Defines a Flow Policy. Incoming traffic selected by this Flow Policy must match all defined attributes (logical AND).

Attributes
`string[0..1]`	`addressFamily` Incoming traffic with this address family is selected by this Flow Policy. Obsolete:
`string mandatory`	`dest` It specifies the destination VIP address identified either by its corresponding name (named reference to VIP address) or by explicit IP address value as configured in the EvipVIP managed object. The incoming packet traffic with this destination (local) IP address is selected by this Flow Policy.
`string[0..1]`	`destPort` Incoming traffic with this (local) destination port is selected by this Flow Policy. Only 15 distinct ports or port ranges can map to one sticky target pool. This is due to a hard limit in iptables. Flow policies that specify ports that are in a range are converted to a range. For example if there are three flow policies for destPort 80, 81 and 82 (otherwise identical and mapped to the same sticky target pool) these policies will be converted to one range 80-82. 15 such ranges (or individual ports) on one sticky target pool is the maximum.
`string key mandatory noNotification restricted`	`evipFlowPolicyId` The RDN attribute. A unique name within the ALB.
`string mandatory`	`protocol` Defines the protocol for the Flow Policy: Supported values are; "tcp" "udp" "sctp" "other" "all"
`string[0..1]`	`soGrp` The socket group for this flow policy. The soGrp is used instead of a targetPool for certain protocols, for now only SCTP. soGrp and targetPool are mutually exclusive.
`string[0..1]`	`src` Incoming traffic with this source (remote) network address is selected by this Flow Policy.
`string[0..1]`	`srcPort` Incoming traffic with this source (remote) port is selected by this Flow Policy.
`string[0..1]`	`targetPool` The name of the Target Pool within the containing ALB that receives traffic selected by this Flow Policy. soGrp and targetPool are mutually exclusive.
`UsageState[0..1] readOnly`	`usageState` Specifies whether Flow policy is currently deployed or not. This depends if vip address is provided in corresponding VIP object

class EvipFlowPolicy

class EvipFmDummy

EvipFmDummy

Not used

Attributes
`string key mandatory noNotification restricted`	`dummyId` -

class EvipFmDummy

class EvipLbe

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipLbes

+-EvipLbe

Defines a Load Balancing Element (LBE).

Attributes
`string[0..]`	`commands` An array of commands that are executed on the LBE the containing ALB is activated. The commands are refered by their identity specified in the EvipCommandDefinition. The commands are preceeded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string key mandatory noNotification restricted`	`evipLbeId` RDN attribute. A unique name within the ALB.
`string mandatory`	`node` The node-id of the node where the LBE is executing.

class EvipLbe

class EvipLbes

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipLbes

+-EvipLbe [0..]

Container class for Load Balancing Elements (LBEs)

Attributes
`string[0..]`	`commands` An array of commands that are executed on all LBEs when the containing ALB is activated. The commands are refered by their identity specified in the EvipCommandDefinition. The commands are preceeded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string key mandatory noNotification restricted`	`evipLbesId` The RDN attribute. Always "1".

class EvipLbes

class EvipNode

..

+-Transport

+-Evip

+-EvipDeclarations

+-EvipCluster

+-EvipNode

Describes the logical EvipNode and how it is allocated to a processing unit (blade/VM) in the cluster.

Attributes
`string[0..]`	`commands` An array of commands that are executed on this node when EVIP starts. The commands are refered by their identity specified in the EvipCommandDefinition. The commands are preceeded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher. The commands defined here are executed after any commands defined on cluster level.
`string`	`distribution = fixed` Floating behavior of the EvipNode can be selected by setting distribution to FLOATING. This means that the EvipNode automatically is allocated, and reallocated if needed, to any vacant processing unit in the cluster. If this parameter is set to FIXED (default) the EvipNode will be allocated to a specific processing unit identified by Hostname.
`string key mandatory noNotification restricted`	`evipNodeId` This is the RDN attribute. The node identities must be a consecutive integer value for all nodes. This identity is used to define node ranges, for instance "3-9" at other places in the EVIP configuration.
`string[0..1]`	`floatPriority` This attribute is used to prioritize which EvipNodes to keep running in the case where fewer vacant processing units than the number of floating EvipNodes are available in the cluster. Higher value equals higher priority and the use of decimal numbers (floating point) is allowed. The attribute is only valid if distribution is set to FLOATING.
`string[0..1]`	`hostname` This is the hostname of the processing unit (blade/VM) in the cluster where the EvipNode shall be located. It is just the simple hostname printed when the "hostname" command is executed, not the fully qualified domain name. The attribute is only valid if distribution is set to FIXED.
`string[0..1]`	`primaryInterface` Obsolete (Not used any more) Names the interface to use for EVIP traffic. This interface should be redundant in some way for instance with bonding. This should only be specified if the interface name on this particular node differs from the one specified on cluster level. Obsolete:

class EvipNode

class EvipParam

..

+-Transport

+-Evip

+-EvipParams

+-EvipParam

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipFees

+-EvipFee

+-EvipRoutingSetup

+-EvipParam

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipErsipParams

+-EvipParam

Defines a generic parameter. This class is used on many places for defining various parameters.

Attributes
`string key mandatory noNotification restricted`	`evipParamId` The RDN attribute. This is the parameter name or "key".
`string mandatory`	`value` The parameter value.

class EvipParam

class EvipParams

..

+-Transport

+-Evip

+-EvipParams

+-EvipParam [0..]

Container class for generic EVIP parameters.

Attributes
`string key mandatory noNotification restricted`	`evipParamsId` The RDN attribute. Always "1".

class EvipParams

class EvipPayload

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipTargetPools

+-EvipTargetPool

+-EvipPayload

Defines a payload node in a Target Pool.

Attributes
`string[0..]`	`commands` An array of commands that are executed on this node when EVIP starts. The commands are referred by their identity specified in the EvipCommandDefinition. The commands are preceded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string key mandatory noNotification restricted`	`evipPayloadId` The RDN attribute. This specifies the node-id or a node-id range.
`string[0..1]`	`weight` For weighted distribution methods this is an integer value defining the "weight" of the payload node. Id the distribution method is non-weighted this attribute is ignored.

class EvipPayload

class EvipPortRange

..

+-Transport

+-Evip

+-EvipPortRanges

+-EvipProtocol

+-EvipPortRange

Defines a Port Range.

Attributes
`string[0..1]`	`blocksize` OBSOLETE. Blocksize=64 (fixed value) Obsolete:
`string key mandatory noNotification restricted`	`evipPortRangeId` The RDN attribute. The port range. This must be a port range, for instance "1-32767". Please see restrictions on allowed ranges in the EVIP Management Guide.
`string`	`type = wellknown` The range type. Must be "wellknown".

class EvipPortRange

class EvipPortRanges

..

+-Transport

+-Evip

+-EvipPortRanges

+-EvipProtocol [0..]

Container for port-ranges. The ranges are defined per protocol.

Attributes
`string key mandatory noNotification restricted`	`evipPortRangesId` The RDN, always "1"

class EvipPortRanges

class EvipProtocol

..

+-Transport

+-Evip

+-EvipPortRanges

+-EvipProtocol

+-EvipPortRange [0..]

Container class for Port Ranges.

Attributes
`string key mandatory noNotification restricted`	`evipProtocolId` The RDN attribute. Defines the protocol for the cotained port ranges. Supported values are; "tcp" "udp" "sctp" "other" "all"

class EvipProtocol

class EvipRoutingSetup

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipFees

+-EvipFee

+-EvipRoutingSetup

+-EvipParam [0..]

Contains routing setup parameter for a specific routing protocol.

Attributes
`string key mandatory noNotification restricted`	`evipRoutingSetupId` The RDN attribute. This attribute specifies the routing protocol. The supported protocols are; "ospfv2" "bfd_ospfv2" "ospfv3" "bfd_ospfv3" "bfd_static" "bfd_static6" "static" "static6" For the specific routing parameters please see the "EVIP Management Guide"

class EvipRoutingSetup

class EvipSe

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipSes

+-EvipSe

IP-sec related

Attributes
`string[0..] nonUnique`	`commands` An array of commands that are executed the SE when the containing ALB is activated. The commands are refered by their identity specified in the EvipCommandDefinition. The commands are preceeded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string key mandatory noNotification restricted`	`evipSeId` This is the RDN attribute. This must be an unique name within the alb.
`string mandatory`	`node` The node-id of the node where the SE is executing.

class EvipSe

class EvipSelectionPolicies

..

+-Transport

+-Evip

+-EvipSelectionPolicies

+-EvipSelectionPolicy [0..]

Container class for Selection policies.

Attributes
`string key mandatory noNotification restricted`	`evipSelectionPoliciesId` The RDN attribute. Always "1".

class EvipSelectionPolicies

class EvipSelectionPolicy

..

+-Transport

+-Evip

+-EvipSelectionPolicies

+-EvipSelectionPolicy

Defines a Selection Policy. Traffic selected by a Selection Policy in this ALB is directed to this ALB.
Traffic selected by this Selection Policy must match all defined attributes (logical AND).

Attributes
`string mandatory`	`alb` Traffic selected by this policy is directed towards this ALB.
`string[0..1]`	`bindPort` OBSOLETE (value ignored) Incoming traffic to this port is selected by this selection policy. This attribute is only checked if an application makes a "bind" to the ANY address. Obsolete:
`string[0..1]`	`dest` OBSOLETE (value ignored) Outgoing traffic with this (remote) address or subnet is selected by this Selection Policy. Obsolete:
`string[0..1]`	`destPort` OBSOLETE (value ignored) Outgoing traffic with this (remote) port is selected by this Selection Policy. Obsolete:
`string[0..1]`	`env` OBSOLETE (value ignored) Obsolete:
`string key mandatory noNotification restricted`	`evipSelectionPolicyId` The RDN attribute. The name must be unique.
`string[0..]`	`payloadNode` OBSOLETE (value ignored) A multivalue attribute that defines the payload nodes where this Selection Policy is applied. Obsolete:
`string[0..1]`	`process` Taffic to or from this process is selected by this Selection Policy.
`string[0..1]`	`protocol` OBSOLETE (value ignored) The level 4 protocol. Supported values are; "tcp" "udp" "sctp" "other" "all" Obsolete:
`string mandatory`	`sortorder` This must be a floating point number. The SelectionPolicies are ordered and are applied lowest->highest. This attribute defines the order. If more than one SelectionPolicy has the same value in this attribute the order is unspecified.

class EvipSelectionPolicy

class EvipSes

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipSes

+-EvipSe [0..]

Container for se-objects

Attributes
`string[0..] nonUnique`	`commands` An array of commands that are executed on all SEs when the containing ALB is activated. The commands are refered by their identity specified in the EvipCommandDefinition. The commands are preceeded by a floating point order number and a colon, for example "1.0:defroute". The commands are executed in order lower to higher.
`string key mandatory noNotification restricted`	`evipSesId` The RDN attribute. Always "1"

class EvipSes

class EvipSupervisedRemoteGateway

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipFees

+-EvipFee

+-EvipSupervisedRemoteGateway

Defines an external gateway to supervise. This gateway may for instance be a router essential for EVIP traffic. If EVIP loses contact with the gateway an alarm is raised.

Attributes
`string[0..1]`	`description` This is an optional description defined by the operator. The purpose of this attribute is to simplify the procedure when an alarm is raised for this gateway. The operator receiving the alarm for this gateway should open this object and read the description attribute for more information about the gateway. This attribute can for instance contain the location or identiry of the gateway, or a local contact person or any other useful information.
`string key mandatory noNotification restricted`	`evipSupervisedRemoteGatewayId` The RDN attribute. This is the IP-address of the supervised gateway.

class EvipSupervisedRemoteGateway

class EvipTargetPool

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipTargetPools

+-EvipTargetPool

+-EvipPayload [0..]

Defines a Target Pool.

Attributes
`string[0..1]`	`allUndesignated = 0` True if any undesignated node will belong to this target pool. Used for cloud floating node configuration.
`string`	`distributionMethod = round_robin` The distribution method. Supported values are; "round_robin" "weighted_round_robin" "least_connection" "weighted_least_connection" "locality_based_least_connection" "locality_based_least_connection_with_replication" "destination_hash" "source_hash" "shortest_expected_delay" "never_queue" OBSOLETE values: "strict_round_robin" "strict_weighted_round_robin" "strict_least_connection" "strict_weighted_least_connection" "strict_shortest_expected_delay" "strict_never_queue"
`string key mandatory noNotification restricted`	`evipTargetPoolId` The RDN attribute. This is a unique name within the ALB. This name is used in Flow Policies that selects traffic to this Target Pool.
`string[0..1]`	`stickinessTimeout = 0` Decides the time in seconds a connection shall be persistent.
`string[0..1]`	`stickyGroup = true` Stickiness means that all network traffic form one remote host is distributed to the same node. This may for instance be necessary to hold together a HTTP session consisting of multiple connections. Stickiness could however cause poor distribution if you have a dominant source and is to be avoided if possible.
`string[0..1]`	`udpStateless = false` Decides if UDP traffic should be semi-persistant or totaly stateless. Should be used if "packet-sprayer" is needed for UDP.

class EvipTargetPool

class EvipTargetPools

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipTargetPools

+-EvipTargetPool [0..]

Container class for Target Pools.

Attributes
`string key mandatory noNotification restricted`	`evipTargetPoolsId` RDN attribute. Always "1".

class EvipTargetPools

class EvipVip

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipVips

+-EvipVip

Defines a Virtual IP address (VIP)

Actions
`void`	`activate ( );` Activates the VIP. The current state can be examined in the "state" attribute.
`void`	`deactivate ( );` Deactivates the VIP.

Attributes
`IpDNSAddress[0..1]`	`address` The real VIP address to use if evipVipId specifies the VIP by name. Note: Not used if EvipVipId is configured with an explicit IP address for the VIP.
`string[0..1]`	`autoActivate = 1` True if the vip shall be announced (activated) at startup and creation.
`string[0..1]`	`deflt` OBSOLETE (value ignored) Identifies the default VIP. Only one VIP in the containing ALB must have this attribute set to "true" Obsolete:
`string[0..1]`	`equivSrcAddr = 0` True if this address can be used for alias feature.
`string key mandatory noNotification restricted`	`evipVipId` The RDN attribute. VIP addresses can be specified in two alternative ways. Either by explicit IP address or specified by name, that is, by a named reference. The names must be unique within the scope of an ALB. The value configured here can either be an explicitly given IPv4 or IPv6 address or a named reference to the actual IP address. When a named reference is used, the actual IP address is configured within this same managed object in the vipAddr attribute. For example, the IPv4 address 10.1.1.4 can be explicitly given here with its numerical dot notation syntax, or alternatively be given here implicitly through a named reference to the actual IP address. The value of evipVipId attribute can be used to identify a VIP address in Flow Policy configuration. For example, a VIP address specified by name.
`string[0..1] readOnly`	`state` This is the state of the VIP. The state can be "ACTIVE", "INACTIVE" or "PENDING".

class EvipVip

class EvipVips

..

+-Transport

+-Evip

+-EvipAlbs

+-EvipAlb

+-EvipVips

+-EvipVip [0..]

Container class for Virtual IP addresses (VIPs).

Attributes
`string key mandatory noNotification restricted`	`evipVipsId` The RDN attribute. Always "1".

class EvipVips

class EvipXfrmSelectionPolicies

..

+-Transport

+-Evip

+-EvipXfrmSelectionPolicies

+-EvipXfrmSelectionPolicy [0..]

Container class for Xfrm Selection policies.

Attributes
`string key mandatory noNotification restricted`	`evipXfrmSelectionPoliciesId` RDN attribute, always "1".

class EvipXfrmSelectionPolicies

class EvipXfrmSelectionPolicy

..

+-Transport

+-Evip

+-EvipXfrmSelectionPolicies

+-EvipXfrmSelectionPolicy

Xfrm Alb selection policy. This is used to redirect XFRM (IPSec) configuration settings to a particular ALB (rather than the local Linux kernel).
For further information please see the EVIP Management Guide.

Attributes
`string mandatory`	`alb` The ALB that handles traffic selected by this policy.
`string[0..1]`	`default` If default=yes, this policy will apply to any process name and any value of EVIP_XALB. But selection policies with a lower order value can still override this policy.
`string[0..1]`	`env` Set the EVIP_XALB environment variable to this value to use this policy.
`string key mandatory noNotification restricted`	`evipXfrmSelectionPolicyId` The RDN attribute, must be a unique name.
`string[0..1]`	`local` OBSOLETE! Replaced by the "storage" attribute. Obsolete:
`string[0..1]`	`order` The order of the selection policy as a floating point number. The selection plicy with lowest order is used if multiple policies match.
`string[0..] nonUnique`	`payloadNode` Optional integer, denoting the payload node where this parameter is valid. If the eVIP configuration contains floating nodes, this parameter must be empty, and every XFRM ALB selection policy has an effect on every blade.
`string[0..1]`	`process` The name of the process this policy maps to.
`string[0..1]`	`storage` How IPsec objects are stored. "local"=use local linux kernel "node"=accessible from inserter node only. Not supported on floating nodes. "alb"=accessible from whole ALB. Please see the EVIP Management Guide for more information.

class EvipXfrmSelectionPolicy

class FeatureKey

..

+-SystemFunctions

+-Lm

+-FeatureKey

Key of a licensed feature that is available for the Managed Element.

This MO is created by the system.

Attributes
`DateTime[0..1] readOnly`	`expiration` The key expiry date and time. For perpetual keys, the value is NULL.
`string key mandatory noNotification restricted`	`featureKeyId` The value component of the RDN.
`boolean readOnly`	`granted` Indicates whether or not the licensed feature has been granted by the License Manager.
`string[0..1] readOnly`	`keyId` Identity of the feature under license control. E.g., CXC4011234, FAT1021234
`string readOnly`	`name` The name of the feature represented by the key.
`string[0..1] readOnly`	`productType` Identifier of the type of product to which the capacity is related. This attribute is used only in systems where the different applications use separate key files to identify which application or product the capacity belongs to, e.g. “SASN”, “GSN_GGSN”, “SSR 8000”.
`boolean[0..1] readOnly`	`shared = false` Indicates whether the key is shared among Managed Elements or dedicated to the Managed Element. A key is dedicated to the Managed Element if the key can be used only by the Managed Element. This is always the case when the ELIM format is used. A key can be shared among multiple Managed Elements if it is installed on a License Server to which multiple Managed Elements connect.
`DateTime readOnly`	`validFrom` The date and time from which the key is valid.
`string[0..1] readOnly`	`version` Version of licensed feature.

class FeatureKey

class FileGroup

..

+-SystemFunctions

+-FileM

+-LogicalFs

+-FileGroup

+-FileGroup [0..]

+-FileInformation [0..]

..

+-FileGroup

+-FileGroup

+-FileGroup [0..]

+-FileInformation [0..]

A set of files that are logically related and possible to manage by a common policy.
To allow a tree-structured hierarchical representation of groups of files, the FileGroup class has an association to itself. Over the northbound interface of the managed element, the instances of classes LogicalFs and FileGroup represent a file system.

References from:: FileGroupPolicy;
References to:: ManagedObject;

Actions

boolean

removeFile ( string file );: Removes a named file from this file group.
The file name can contain a regular expression and thus a set of files in the file group that match the expression can be removed. The regular expression is interpreted according to POSIX pattern definition used for file name expansion. Action removeFile() returns True when the files are removed, otherwise False.; Parameters

Name: file
Description: This parameter specifies the file in the FileGroup to be removed.
The file string is interpreted as a regular expression and all files that match the expression are removed.

Attributes
`string key mandatory noNotification restricted`	`fileGroupId` Value component of the RDN.
`FileInfo[0..] readOnly`	`files` Container with information about the files under this file group.
`boolean noNotification readOnly`	`internalHousekeeping` If true, the files in this file group are maintained by the system. User-defined housekeeping policies associated with this file group are excluded.
`ManagedObject[0..1] noNotification readOnly`	`reservedByPolicy` Indicates the DN of the FileGroupPolicy MO and sets the file group housekeeping policy.

class FileGroup

class FileGroupPolicy

..

+-SystemFunctions

+-FileM

+-FileGroupPolicy

+-ThresholdMonitoring [0..8]

FileGroupPolicy defines housekeeping rules for file groups.
FileGroups already maintained by the system, as indicated by internalHousekeeping, are excluded from FileM housekeeping.

References to:: FileGroup;

Attributes
`FileGroup[0..] nonUnique`	`fileGroup` A reference to one or more file groups to which the defined housekeeping policy applies.
`string key mandatory noNotification restricted`	`fileGroupPolicyId` Value component of the RDN.
`FullAction[0..1]`	`fullFileGroupAction = DISCARD_OLDEST` Defines the action taken by the housekeeping logic when a limit is reached. Two limits can be defined by attributes maxFileGroupSize or maxNumberFiles. No limits are considered on maxFileGroupSize or maxNumberFiles if the action to take is unset. Possible values are: -DISCARD_NEWEST: The system does not allow a new file to be stored if that causes the limit to be exceeded. -DISCARD_OLDEST: If the limit is exceeded by storing a new file, the oldest files in the group are deleted before storing the new file.
`int32`	`maxFileGroupSize = 0` Defines the maximum size of each tree of file groups related to this FileGroupPolicy. 0 indicates that no limit is set. The unit is kilobyte. If the tree of file groups referenced by this policy includes a tree of file groups with its own policy, these file groups are excluded when the number of files for this policy are calculated.
`int32`	`maxNumberFiles = 0` Defines the maximum number of files of each tree of file groups related to this FileGroupPolicy. 0 indicates that no limit is set. If the tree of file groups referenced by this policy includes a tree of file groups with its own policy, these file groups are excluded when the number of files for this policy are calculated.
`int32`	`retentionTime = 0` Indicates for how long the files in this group are kept before being automatically deleted. The unit is minutes. 0 indicates that the files are kept for ever.
`string[0..1]`	`userLabel` Label for free use.

class FileGroupPolicy

class FileInformation

..

+-FileGroup

+-FileInformation

An instance of FileInformation represents a file.

This MO is created by the system.

Deprecated:

Attributes
`string key mandatory noNotification restricted`	`fileInformationId` Value component of the RDN. Deprecated:
`DateTimeWithoutOffset[0..1] noNotification readOnly`	`modificationTime` Date and time of latest modification. Deprecated:
`int64[0..1] noNotification readOnly`	`size` The size of the file in kilobyte. Deprecated:
`string[0..1] noNotification readOnly`	`type` The type of the file. The type specifies how the content of the file is structured and shall follow common practice. For example, "xml" indicates that the content of the file is structured according to the eXtensible Markup Language. Deprecated:

class FileInformation

class FileM

..

+-SystemFunctions

+-FileM

+-FileGroupPolicy [0..]

+-LogicalFs [1..1]

The top class of the the FileM model.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`fileMId` Value component of the RDN.
`string[0..1]`	`userLabel` Label for free use.

class FileM

class FileMConfigData

..

+-SystemFunctions

+-FileM

+-LogicalFs

+-FileMConfigData

Hidden MOC for fileM configuration

This MO is created by the system.

Filter: filemData

Attributes
`string key mandatory noNotification restricted`	`fileMConfigDataId` The value component of the RDN. Filter: filemData
`string noNotification readOnly`	`internalRoot` Internal root for File Management Filter: filemData

class FileMConfigData

class FileTPM

..

+-SystemFunctions

+-SysM

+-FileTPM

+-FtpServer [0..1]

+-FtpTls [0..1]

+-Sftp [0..1]

The top class for server and client configuration of different protocols implementing file transfer.
Lists the protocols supported by the ME by any file transfer client or server.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`fileTPMId` The value component of the RDN.

class FileTPM

class Filter

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LdapAuthenticationMethod

+-Ldap

+-Filter

Indicates the filter used to locate the user's authorization profile in the LDAP directory.

This class must be used when profileFilter in Ldap MO is set to FLEXIBLE.

Example of use with POSIX group objects as authorization profile:

The user authorization profile is mapped to posixGroups in the LDAP schema. Each posixGroup contains a set of users and by this association, users are mapped into one or more groups. To identify the set of groups a user is a member of, the following search filter must be used:

(&(objectClass=posixGroup)(memberUid=%u)) cn

where %u is the user ID parameter used during authentication and cn is the common name value returned for the posixGroup. This must match an authorization entity, for example role, in an authorization method. (&(objectClass=posixGroup)(memberUid="")) is the search filter contained by the filter attribute.

This MO is created by the system.

Attributes
`string[0..1]`	`filter` The filter used to search in the LDAP tree. Example: (&(objectClass=posixGroup)(memberUid="")), This specifies a filter, where the authorized users are members of posixGroup objects in the LDAP schema. Double quotes indicate where the ME inserts the user identifier.
`string key mandatory noNotification restricted`	`filterId` The value component of the RDN.
`string[0..1]`	`type` Determines which attribute to retrieve from an element in the database. The value can be the name of any parameter in the LDAP schema, for example, 'cn'.
`string[0..1]`	`userLabel` An additional descriptive text.

class Filter

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LdapAuthenticationMethod

+-Ldap

+-Filter

Indicates the filter used to locate the user's authorization profile in the LDAP directory.

This class must be used when profileFilter in Ldap MO is set to FLEXIBLE.

Example of use with POSIX group objects as authorization profile:

The user authorization profile is mapped to posixGroups in the LDAP schema. Each posixGroup contains a set of users and by this association, users are mapped into one or more groups. To identify the set of groups a user is a member of, the following search filter must be used:

(&(objectClass=posixGroup)(memberUid=%u)) cn

where %u is the user ID parameter used during authentication and cn is the common name value returned for the posixGroup. This must match an authorization entity, for example role, in an authorization method. (&(objectClass=posixGroup)(memberUid="")) is the search filter contained by the filter attribute.

This MO is created by the system.

Attributes
`string[0..1]`	`filter` The filter used to search in the LDAP tree. Example: (&(objectClass=posixGroup)(memberUid="")), This specifies a filter, where the authorized users are members of posixGroup objects in the LDAP schema. Double quotes indicate where the ME inserts the user identifier.
`string key mandatory noNotification restricted`	`filterId` The value component of the RDN.
`string[0..1]`	`type` Determines which attribute to retrieve from an element in the database. The value can be the name of any parameter in the LDAP schema, for example, 'cn'.
`string[0..1]`	`userLabel` An additional descriptive text.

class Filter

class Fm

..

+-SystemFunctions

+-Fm

+-FmAlarm [0..]

+-FmAlarmModel [0..]

..

+-SystemFunctions

+-Fm

+-FmAlarm [0..]

+-FmAlarmModel [0..]

The root MOC of the Fault Management branch.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`fmId` Holds the name used when identifying the MO.
`uint32[0..1]`	`heartbeatInterval = 60` The interval in seconds, with which a heartbeat notification is sent to all alarm consumers.
`DateTime[0..1] noNotification readOnly`	`lastChanged` The timestamp of when any alarm was last changed. With this attribute, an external system can determine if a resynchronization operation is needed, such as following a loss and restore of a communications link.
`uint64[0..1] noNotification readOnly`	`lastSequenceNo` The last used sequence number for an alarm state change notification. The sequence numbers are consecutive. With this attribute, an external system can determine if a resynchronization operation is needed, such as following a loss and restore of a communications link.
`uint32[0..1] noNotification readOnly`	`sumCritical` Shows the number of active alarms with perceived severity 'critical'.
`uint32[0..1] noNotification readOnly`	`sumMajor` Shows the number of active alarms with perceived severity ‘major’.
`uint32[0..1] noNotification readOnly`	`sumMinor` Shows the number of active alarms with perceived severity ‘minor’.
`uint32[0..1] noNotification readOnly`	`sumWarning` Shows the number of active alarms with perceived severity ‘warning’.
`uint32[0..1] noNotification readOnly`	`totalActive` Shows the total number of currently active alarms. This corresponds to the the total number of instantiated FmAlarm objects.

class Fm

The root MOC of the Fault Management branch.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`fmId` Holds the name used when identifying the MO.
`uint32[0..1]`	`heartbeatInterval = 60` The interval in seconds, with which a heartbeat notification is sent to all alarm consumers.
`DateTime[0..1] noNotification readOnly`	`lastChanged` The timestamp of when any alarm was last changed. With this attribute, an external system can determine if a resynchronization operation is needed, such as following a loss and restore of a communications link.
`uint64[0..1] noNotification readOnly`	`lastSequenceNo` The last used sequence number for an alarm state change notification. The sequence numbers are consecutive. With this attribute, an external system can determine if a resynchronization operation is needed, such as following a loss and restore of a communications link.
`uint32[0..1] noNotification readOnly`	`sumCritical` Shows the number of active alarms with perceived severity 'critical'.
`uint32[0..1] noNotification readOnly`	`sumMajor` Shows the number of active alarms with perceived severity ‘major’.
`uint32[0..1] noNotification readOnly`	`sumMinor` Shows the number of active alarms with perceived severity ‘minor’.
`uint32[0..1] noNotification readOnly`	`sumWarning` Shows the number of active alarms with perceived severity ‘warning’.
`uint32[0..1] noNotification readOnly`	`totalActive` Shows the total number of currently active alarms. This corresponds to the the total number of instantiated FmAlarm objects.

class Fm

class FmAlarm

..

+-Fm

+-FmAlarm

..

+-Fm

+-FmAlarm

An FmAlarm instance represents an active alarm.
An alarm is a persistent indication of a fault that clears only when the triggering condition has been resolved.

This MO is created by the system.

Attributes
`SeverityLevel[0..1] noNotification readOnly`	`activeSeverity` The perceived severity of the alarm. It may change during the alarm's lifetime. Specification: RFC3877
`AdditionalInformation[0..] noNotification readOnly`	`additionalInfo` Further information about the problem. The information is represented as a set of data structures with two items of information, an identifier and a value. It may change during the alarm's lifetime.
`string[0..1] noNotification readOnly`	`additionalText` Extra information about the alarm. It may change during the alarm's lifetime.
`EventType[0..1] noNotification readOnly`	`eventType` General category for the alarm. Specification: ITU-T X.733 X.736
`string key mandatory noNotification restricted`	`fmAlarmId` Holds the name used when identifying the MO.
`DateTime[0..1] noNotification readOnly`	`lastEventTime` The timestamp of when the alarm was last updated. This is set at alarm information change or severity change.
`uint32[0..1] noNotification readOnly`	`majorType` The attributes majorType and minorType are the two key attributes used to identify the alarm type.
`uint32[0..1] noNotification readOnly`	`minorType` The attributes majorType and minorType are the two key attributes used to identify the alarm type.
`string[0..1] noNotification readOnly`	`originalAdditionalText` The additional text set when the alarm was raised. This attribute is set when the alarm is raised and will not change during the alarm's lifetime.
`DateTime[0..1] noNotification readOnly`	`originalEventTime` The timestamp when the alarm was raised. This attribute is set when the alarm is raised and will not change during the alarm's lifetime.
`SeverityLevel[0..1] noNotification readOnly`	`originalSeverity` The perceived severity set when the alarm was raised. It will not change during the alarm's lifetime. Specification: RFC3877
`ProbableCause[0..1] noNotification readOnly`	`probableCause` Qualifies and provides further information on the reason for the event. A standard set of probableCause values is provided in the ERICSSON-ALARM-PC-MIB.
`int64[0..1] noNotification readOnly`	`sequenceNumber` A unique identity for every notification sent. This identity changes at every notification, that is, severity change and information change. It is not the same as the fmAlarmId as multiple notifications may be sent for one alarm instance.
`string[0..1] noNotification readOnly`	`source` The distinguished name of the alarming object.
`string[0..1] noNotification readOnly`	`specificProblem` Provides further refinement to the information given by probableCause. Can be used to find an associated operating instruction (OPI).

class FmAlarm

An FmAlarm instance represents an active alarm.
An alarm is a persistent indication of a fault that clears only when the triggering condition has been resolved.

This MO is created by the system.

Attributes
`SeverityLevel[0..1] noNotification readOnly`	`activeSeverity` The perceived severity of the alarm. It may change during the alarm's lifetime. Specification: RFC3877
`AdditionalInformation[0..] noNotification readOnly`	`additionalInfo` Further information about the problem. The information is represented as a set of data structures with two items of information, an identifier and a value. It may change during the alarm's lifetime.
`string[0..1] noNotification readOnly`	`additionalText` Extra information about the alarm. It may change during the alarm's lifetime.
`EventType[0..1] noNotification readOnly`	`eventType` General category for the alarm. Specification: ITU-T X.733 X.736
`string key mandatory noNotification restricted`	`fmAlarmId` Holds the name used when identifying the MO.
`DateTime[0..1] noNotification readOnly`	`lastEventTime` The timestamp of when the alarm was last updated. This is set at alarm information change or severity change.
`uint32[0..1] noNotification readOnly`	`majorType` The attributes majorType and minorType are the two key attributes used to identify the alarm type.
`uint32[0..1] noNotification readOnly`	`minorType` The attributes majorType and minorType are the two key attributes used to identify the alarm type.
`string[0..1] noNotification readOnly`	`originalAdditionalText` The additional text set when the alarm was raised. This attribute is set when the alarm is raised and will not change during the alarm's lifetime.
`DateTime[0..1] noNotification readOnly`	`originalEventTime` The timestamp when the alarm was raised. This attribute is set when the alarm is raised and will not change during the alarm's lifetime.
`SeverityLevel[0..1] noNotification readOnly`	`originalSeverity` The perceived severity set when the alarm was raised. It will not change during the alarm's lifetime. Specification: RFC3877
`ProbableCause[0..1] noNotification readOnly`	`probableCause` Qualifies and provides further information on the reason for the event. A standard set of probableCause values is provided in the ERICSSON-ALARM-PC-MIB.
`int64[0..1] noNotification readOnly`	`sequenceNumber` A unique identity for every notification sent. This identity changes at every notification, that is, severity change and information change. It is not the same as the fmAlarmId as multiple notifications may be sent for one alarm instance.
`string[0..1] noNotification readOnly`	`source` The distinguished name of the alarming object.
`string[0..1] noNotification readOnly`	`specificProblem` Provides further refinement to the information given by probableCause. Can be used to find an associated operating instruction (OPI).

class FmAlarm

class FmAlarmModel

..

+-Fm

+-FmAlarmModel

+-FmAlarmType [0..]

..

+-Fm

+-FmAlarmModel

+-FmAlarmType [0..]

This is a container for grouping FM alarm types.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`fmAlarmModelId` Holds the name used when identifying the MO.

class FmAlarmModel

This is a container for grouping FM alarm types.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`fmAlarmModelId` Holds the name used when identifying the MO.

class FmAlarmModel

class FmAlarmType

..

+-FmAlarmModel

+-FmAlarmType

..

+-FmAlarmModel

+-FmAlarmType

A specific kind of alarm that can be reported, for example "power failure".
In an X.733 context it maps to event type, probable cause, and specific problem. The same principle is used for alert types as for alarm types.

This MO is created by the system.

References from:: MeasurementType;

Attributes
`string[0..1] noNotification readOnly`	`additionalText` Extra information that would not be contained by other FmAlarmType attributes.
`SeverityLevel[0..1]`	`configuredSeverity` Gives the possibility to configure the perceived severity for all alarms of this type. If set, this value overrides the perceived severity provided by the alarming object. Setting this attribute has no impact on existing alarms, only new and updated ones. Specification: RFC3877
`SeverityLevel[0..1] noNotification readOnly`	`defaultSeverity` The default perceived severity for all alarms of this type. Not set means alarms of this type can be assigned different severities. Specification: RFC3877
`EventType[0..1] noNotification readOnly`	`eventType` General category for the alarm type. Specification: ITU-T X.733, X.736
`string key mandatory noNotification restricted`	`fmAlarmTypeId` Holds the name used when identifying the MO.
`boolean[0..1] noNotification readOnly`	`isStateful` True indicates alarm. False indicates alert (stateless alarm).
`uint32[0..1] noNotification readOnly`	`majorType` The attributes majorType and minorType are the two key attributes used to identify the alarm type.
`uint32[0..1] noNotification readOnly`	`minorType` The attributes majorType and minorType are the two key attributes used to identify the alarm type.
`string[0..1] noNotification readOnly`	`moClasses` A list of the Managed Object classes that can raise this alarm type. This attribute contains a comma seperated list of Managed Object classes types that use this alarm type. It is for information only. Deprecated: This attribute has no purpose and is not used by anyone.
`ProbableCause[0..1] noNotification readOnly`	`probableCause` Qualifies and provides further information on the reason for the event. A standard set of probableCause values is provided in the ERICSSON-ALARM-PC-MIB. Specification: ITU-T M.3100, X.733, X.736; ETSI GSM 12.11.
`string[0..1] noNotification readOnly`	`specificProblem` Provides further refinement to the information given by probableCause. Can be used to find an associated operating instruction (OPI).

class FmAlarmType

A specific kind of alarm that can be reported, for example "power failure".
In an X.733 context it maps to event type, probable cause, and specific problem. The same principle is used for alert types as for alarm types.

This MO is created by the system.

References from:: MeasurementType;

Attributes
`string[0..1] noNotification readOnly`	`additionalText` Extra information that would not be contained by other FmAlarmType attributes.
`SeverityLevel[0..1]`	`configuredSeverity` Gives the possibility to configure the perceived severity for all alarms of this type. If set, this value overrides the perceived severity provided by the alarming object. Setting this attribute has no impact on existing alarms, only new and updated ones. Specification: RFC3877
`SeverityLevel[0..1] noNotification readOnly`	`defaultSeverity` The default perceived severity for all alarms of this type. Not set means alarms of this type can be assigned different severities. Specification: RFC3877
`EventType[0..1] noNotification readOnly`	`eventType` General category for the alarm type. Specification: ITU-T X.733, X.736
`string key mandatory noNotification restricted`	`fmAlarmTypeId` Holds the name used when identifying the MO.
`boolean[0..1] noNotification readOnly`	`isStateful` True indicates alarm. False indicates alert (stateless alarm).
`uint32[0..1] noNotification readOnly`	`majorType` The attributes majorType and minorType are the two key attributes used to identify the alarm type.
`uint32[0..1] noNotification readOnly`	`minorType` The attributes majorType and minorType are the two key attributes used to identify the alarm type.
`string[0..1] noNotification readOnly`	`moClasses` A list of the Managed Object classes that can raise this alarm type. This attribute contains a comma seperated list of Managed Object classes types that use this alarm type. It is for information only. Deprecated: This attribute has no purpose and is not used by anyone.
`ProbableCause[0..1] noNotification readOnly`	`probableCause` Qualifies and provides further information on the reason for the event. A standard set of probableCause values is provided in the ERICSSON-ALARM-PC-MIB. Specification: ITU-T M.3100, X.733, X.736; ETSI GSM 12.11.
`string[0..1] noNotification readOnly`	`specificProblem` Provides further refinement to the information given by probableCause. Can be used to find an associated operating instruction (OPI).

class FmAlarmType

class FtpServer

..

+-SystemFunctions

+-SysM

+-FileTPM

+-FtpServer

+-FtpTlsServer [0..1]

+-SftpServer [0..1]

Generic configuration options for a file transfer server.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`ftpServerId` The value component of the RDN.
`uint16[0..1]`	`idleTimer { 1.. }` The amount of seconds after which an idle session is terminated. Specifies the maximum time an FTP session may remain idle. A session will be dropped if the length of the idle session exceeds the configured time. No idleTimer means idle sessions are not limited. Unit: 1 seconds

class FtpServer

class FtpTls

..

+-SystemFunctions

+-SysM

+-FileTPM

+-FtpTls

Represents the common configuration parameters of FTP over Transport Layer Security (TLS) clients on the ME.

This MO is created by the system.

References to:: ManagedObject;

Attributes
`string key mandatory noNotification restricted`	`ftpTlsId` The value component of the RDN.
`ManagedObject[0..1]`	`nodeCredential` The credential used for FTP over TLS based file transfer. Specifies the DN of a NodeCredential MO in Certificate Management.
`ManagedObject[0..1]`	`trustCategory` The set of certificates trusted by the FTP over TLS based file transfer. Specifies the DN of a TrustCategory MO in Certificate Management.

class FtpTls

class FtpTlsServer

..

+-SystemFunctions

+-SysM

+-FileTPM

+-FtpServer

+-FtpTlsServer

Represents the FTP over Transport Layer Security (TLS) server of the ME.

The server only accepts FTP sessions that are explicitly requesting a TLS layer by the "AUTH TLS" command.

This MO is created by the system.

References to:: ManagedObject;

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state for the FTP server. When LOCKED all on-going connections will immediately be terminated.
`string key mandatory noNotification restricted`	`ftpTlsServerId` The value component of the RDN.
`uint16 mandatory`	`maxDataPort` The maximum port number for PASV data connections. Must be greater or equal to minDataPort.
`uint16 mandatory`	`minDataPort` The minimum port number for PASV data connections. Must be lower or equal to maxDataPort.
`ManagedObject[0..1]`	`nodeCredential` The credential used for FTP over TLS based file transfer. Specifies the DN of a NodeCredential MO in Certificate Management.
`uint16`	`port = 21` The listening port number of the FTP over TLS server control connection. The TLS layer is established on the regular FTP port by issuing an "AUTH TLS" command.
`ManagedObject[0..1]`	`trustCategory` The set of certificates trusted by the FTP over TLS based file transfer. Specifies the DN of a TrustCategory MO in Certificate Management.

class FtpTlsServer

class GTConvert

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-GTConvertManager

+-GTConvert

GTConvert configuration

Attributes
`string`	`digitsToAdd = 86139` digits to be added
`string key mandatory noNotification restricted`	`gtConvertId` The value component of the RDN.
`string`	`IMSISeries = 46000*` IMSI series
`ISDNNOA`	`natureOfAddress = NOA_SUBSCRIBER_NUMBER` Nature of address
`uint8`	`numOfDigitToRemove = 5` number of digits to removed

class GTConvert

class GTConvertManager

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-GTConvertManager

+-GTConvert [0..]

GT convert manager

Attributes
`string key mandatory noNotification restricted`	`gtConvertManagerId` GT convert manager

class GTConvertManager

class HcCalendarBasedPeriodicEvent

..

+-SystemFunctions

+-HealthCheckM

+-HcJob

+-HcJobScheduler

+-HcCalendarBasedPeriodicEvent

Represents a calendar based event for executing one health check job periodically.
This construct can be used to execute periodically a health check job by specifying the desired interval using calendar. For instance, in order to trigger a health check job execution every night at 2:00 am, the following setup must be done:
time=02:00:00

The start time for calculating scheduled events is assumed to be the current system time by default, unless explicitly set using the 'startTime' attribute. Furthermore, if the configured event is to stop at a specific date, 'stopTime' attribute must be set accordingly. Note that the default value of 'stopTime' is the end of century.
A scheduled event of this type is triggered only if ALL the conditions with regard to attribute values are satisfied. For example, if "dayOfWeek" is set to Monday and "dayOfMonth" is set to 1, the event will be triggered only if the first day of month is Monday.
Daylight saving adjustments in Spring and Fall are addressed such that the affected scheduled events are triggered exactly once.

Attributes
`DayOfMonth`	`dayOfMonth = 0` Day of month.
`DayOfWeek`	`dayOfWeek = ALL` Day of week.
`DayOfWeekOccurrence`	`dayOfWeekOccurrence = ALL` The occurrence of the day of week specified by dayOfWeek attribute in the month.
`string key mandatory noNotification restricted`	`hcCalendarBasedPeriodicEventId` Holds the name used when identifying the MO.
`Month`	`month = 0` Month.
`DateTime[0..1]`	`startTime` Start time. It is an optional attribute. If not specified, the implementation uses the current system time as the default value.
`DateTime[0..1]`	`stopTime = 2099-12-31T23:59:59` Stop time. It is an optional attribute. The default value is the end of the century.
`Time mandatory`	`time` This is the time when the scheduled event must occur.

class HcCalendarBasedPeriodicEvent

class HcJob

..

+-SystemFunctions

+-HealthCheckM

+-HcJob

+-HcJobScheduler [0..1]

Represents a health check job which can be executed on a ME.
This class facilitates in executing one or more categories of health check rules.
After each job execution the attributes 'lastUpdateTime' and 'lastStatus' in HealthCheckM MOC are updated accordingly.
It is possible to execute the job on demand or by a scheduler.
A report file is generated for each executed health check job and stored in the predefined folder with a compressed archive file containing logs used for the rules evaluation to be used for further investigation.

References from:: HcJob; HealthCheckM;
References to:: HcJob;

Actions

void

execute ( string exportUri , EcimPasswordString exportPassword );: Executes the health check job.
This action executes the health check job, executing the rules for the configured categories, and optionally exports the report file.; Parameters

Name: exportUri
Description: Specifies the URI where the job execution output file is to be exported.
This URI must not contain the file name, that is specified by 'lastReportFileName' attribute value.

The generic URI syntax is defined by RFC 3986. The URI must not contain any password. (The password must be provided in the second parameter of this action).
The URI may be local relative (e.g., data/dir/subdir/), or local absolute (e.g., file:///data/dir/subdir/), or remote (sftp://user@hostname/dir/subdir/).
If the URI is local absolute, report and logs archive files are stored under the provided local path.
If the URI is local relative, report and logs archive files are stored under the file system path built chaining the value of localFileStorePath attribute with the provided relative path.
If the URI is remote, report and logs archive files are stored under the provided remote path.
Note: HTTP based URIs are not supported.

Name: exportPassword
Description: Specifies the password required to access the location specified by the URI.
This parameter is considered only if a SFTP URI is provided, otherwise it is ignored.

Attributes
`FailedHcRule[0..] nonUnique readOnly`	`failedRules` Provides a condensed status for the last job execution. Provides the list of the rules for which the result was not the expected one. It is empty when job status is healthy or not available.
`string key mandatory noNotification restricted`	`hcJobId` Holds the name used when identifying the MO. Specifies the name of the health check job.
`HcRuleParameter[0..] nonUnique`	`inputParameters` Specifies customizable input parameters for rules evaluation. Each item in the list is a triple <hcRule, parameter_name, parameter_value> for which a user-defined attribute can be provided.
`HcJob[0..1]`	`jobToTrigger` Specifies the DN of another job to be executed when the current job reports ME is not healthy. The execution of another job, for instance to execute rules associated to different categories, might give more detailed information about NE status.
`string[0..1] noNotification readOnly`	`lastReportFileName` Specifies the name of the report file which is generated from the latest execution of the job. All the report files are placed in a predefined folder, as indicated by the 'localFileStorePath' attribute value. An archive containing some log files is generated as well. The name format of the report file generated is <MEId>_<JobName>_<Timestamp>. Timestamp is in the format YYYYMMDDTHHmmSS, where 4 digits for the year, 2 digits for the month, 2 digits for the date, 2 digits for the hours, 2 digits for the minutes and 2 digits for the seconds are specified. 'T' acts as a delimiter between date and time in the above timestamp format. If the job is executed by the action, the suffix "_man" is added at the end of the file name.
`DateTime[0..1] readOnly`	`lastRunTime` Specifies the date and time of the last time the job has been executed.
`string[0..1] noNotification readOnly`	`localFileStorePath` Specifies the filesystem path where the ouput report files can be fetched. It is empty if FileM is not installed/configured.
`AsyncActionProgress[0..1] readOnly`	`progressReport` Specifies the execution status and result of the health check job.
`HcCategory[1..] mandatory`	`rulesCategories` Specifies the list of categories of health check rules to be executed.
`HealthStatus readOnly`	`status = NOT_AVAILABLE` Specifies the health status based on result of all executed rules.

class HcJob

class HcJobScheduler

..

+-SystemFunctions

+-HealthCheckM

+-HcJob

+-HcJobScheduler

+-HcCalendarBasedPeriodicEvent [0..]

+-HcPeriodicEvent [0..]

+-HcSingleEvent [0..]

Represents the health check job scheduler to start a job automatically at a specified time.
Three scheduling policies are supported:
1. Single event: Executes a health check job once at a specified date and time.
2. Periodic event: Executes a health check job regularly at a specified time interval.
3. Calendar based periodic event: Executes a health check job regularly at a desired interval using calendar.

Once the MO HcJobScheduler is created, MOs HcSingleEvent, HcPeriodicEvent and HcCalendarPeriodicEvent can be created for each of such events.
Scheduler requires to be unlocked to start job execution setting the attribute 'administrativeState'.

This MO is created by the system.

Attributes
`BasicAdmState`	`administrativeState = LOCKED` Specifies the administrative state of the scheduler.
`string key mandatory noNotification restricted`	`hcJobSchedulerId` Holds the name used when identifying the MO. Specifies the name of the health check job scheduler.
`DateTime[0..1] readOnly`	`nextScheduledTime` Specifies the date and time when the next scheduled event is triggered. This is the earliest scheduled event from among the set of configured events (single, periodic and calendar-based periodic events).

class HcJobScheduler

class HcPeriodicEvent

..

+-SystemFunctions

+-HealthCheckM

+-HcJob

+-HcJobScheduler

+-HcPeriodicEvent

Represents a time interval based event for executing one health check job periodically.
This construct can be used to execute periodically a health check job by specifying the number of months, weeks, days, hours, or minutes. For instance, in order to trigger a health check job execution every 12 hours, the following setup must be done:
hours=12

The start time for calculating scheduled events is assumed to be the current system time by default, unless explicitly set using the 'startTime' attribute. Furthermore, if the configured event is to stop at a specific date, 'stopTime' attribute must be set accordingly. Note that the default value of 'stopTime' is the end of century.

Attributes
`uint16`	`days = 0` The number of days.
`string key mandatory noNotification restricted`	`hcPeriodicEventId` Holds the name used when identifying the MO.
`uint16 mandatory`	`hours` The number of hours.
`uint16`	`minutes = 0` The number of minutes.
`uint16`	`months = 0` Deprecated, The number of months. Replaced by CalendarBasedPeriodicEvent.month. Deprecated:
`DateTime[0..1]`	`startTime` Start time. It is an optional attribute. If not specified, the implementation uses the current system time as the default value.
`DateTime[0..1]`	`stopTime = 2099-12-31T23:59:59` Stop time. It is an optional attribute. The default value is the end of the century.
`uint16`	`weeks = 0` The number of weeks.

class HcPeriodicEvent

class HcRule

..

+-SystemFunctions

+-HealthCheckM

+-HcRule

Represents a health check rule.
This class facilitates in providing detailed information about an individual health check rule.
Each rule belongs to one or more health check categories.
Each rule is also associated with a severity value, warning or critical, that affects the evaluation of the overall NE healthiness. For instance, if the result of at least one critical rule is not as expected, node status is evaluated as not healthy requiring an immediate action.
Some health check rules can accept optional parameters as input for the evaluation, if no values are provided system default input parameters are used.

This MO is created by the system.

Attributes
`BasicAdmState`	`administrativeState = UNLOCKED` Specifies the administrative state of the rule.
`HcCategory[1..] readOnly`	`categories` Specifies the list of categories which the rule belongs to.
`string noNotification readOnly`	`description` Specifies health check rule description.
`string key mandatory noNotification restricted`	`hcRuleId` Holds the name used when identifying the MO. Its value is divided into two parts. The first one is an unique identifier for the rule provider while the second one is a numeric identifier (a progressive number for example).
`HcRuleInputParameter[0..] nonUnique readOnly`	`inputParameters` Specifies the list of input parameters accepted by the rule with related default values. It is empty in case the rule does not accept any parameters change.
`string noNotification readOnly`	`name` Specifies the name of a health check rule.
`string readOnly`	`recommendedAction` Specifies the step that needs to be performed when the health check rule execution fails.
`RuleSeverity noNotification readOnly`	`severity` Specify the severity of the rule for the evaluation of the overall NE healthiness.

class HcRule

class HcSingleEvent

..

+-SystemFunctions

+-HealthCheckM

+-HcJob

+-HcJobScheduler

+-HcSingleEvent

Represents a date/time based event for executing a health check job once.
A single (one-shot) scheduled health check job is executed at the date and time specified by 'scheduledTime' attribute.

Attributes
`string key mandatory noNotification restricted`	`hcSingleEventId` Holds the name used when identifying the MO.
`DateTime mandatory`	`scheduledTime` Scheduled time.

class HcSingleEvent

class HealthCheckM

..

+-SystemFunctions

+-HealthCheckM

+-HcJob [0..]

+-HcRule [0..]

Represents the root MOC for Health Check Management function.
The Health Check Management function reports summary views of the managed element current state highlighting any deviations from a normal behavior. It can be used to attend upgrades and to support preventive maintenance and problem resolution.
The healthiness status is obtained by verifying a set of rules according to their severity, grouped in predefined categories. For instance, if the result of at least one critical rule is not as expected, node status is evaluated as not healthy requiring an immediate action.
The categories of rules which the Health Check Management function is acting upon are system installed.
A health check job can be created selecting one or more categories of rules on which the ME healthiness is evaluated.
A report file is generated for each executed health check job and stored in the predefined folder with a compressed archive file containing logs used for the rules evaluation to be used for further investigation.

This MO is created by the system.

References to:: HcJob;

Attributes
`string key mandatory noNotification restricted`	`healthCheckMId` Holds the name used when identifying the MO.
`HcJob[0..1] readOnly`	`lastExecutedJob` Specifies the DN of the last job executed to check the ME healthiness.
`HealthStatus noNotification readOnly`	`lastStatus = NOT_AVAILABLE` Specifies the ME healthiness status according to the last executed job.
`DateTime[0..1] readOnly`	`lastUpdateTime` Specifies the date and time of the last time the health of the system has been updated.
`uint16`	`maxNoOfReportFiles = 10` Specifies the maximum number of report files with related log files archive maintained in the ME. If a new file is created and the limit is exceeded, the oldest file is deleted.

class HealthCheckM

class Host

..

+-Transport

+-Host

+-Ikev1PolicyProfile [0..]

+-Ikev2PolicyProfile [0..]

+-IpsecProposalProfile [0..]

+-IpsecTunnel [0..]

Representation of an IP domain for traffic termination.

This MO is created by the system.

References to:: ManagedElement;

Attributes
`string key mandatory noNotification restricted`	`hostId` Value component of the RDN.
`ManagedElement mandatory restricted`	`l3Ref` Reference to an eVIP ALB
`string[0..1]`	`userLabel` Label for free use.

class Host

class HssDomain

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterStack

+-HssDomain

HSS domain information

Attributes
`string key mandatory noNotification restricted`	`hssDomainId` The value component of the RDN.
`string`	`hssRealm = hss.ericsson.se` HSS Dest-Realm information Takes effect: Immediately

class HssDomain

class Ikev1PolicyProfile

..

+-Transport

+-Host

+-Ikev1PolicyProfile

CommonÂ informationÂ forÂ multipleÂ IKEÂ sessionsÂ toÂ beÂ instantiatedÂ onÂ aÂ managedÂ element.

OneÂ orÂ moreÂ Ikev2SessionÂ instancesÂ mightÂ referÂ toÂ thisÂ instance.

References from:: Ikev1Session;
References to:: ManagedObject;

Attributes
`ConnectionType restricted`	`connectionType = BOTH` Connection type of the IKEv1 session.
`ManagedObject[0..1] restricted`	`credential` Reference to the managed element own credential to be used in IKEv1 negotiation. Valid reference is NodeCredential in Certificate Management Branch. If credential and trustCategory are not specified, then preshared key-based authentication is selected. The referring Ikev1Session instances must have preshared keys installed.
`uint32 restricted`	`dpdKeepAliveInterval = 30` dpdKeepAliveInterval defines the time interval between R_U_THERE messages sent to the IKE peer. Unit: 1 secs
`uint32 restricted`	`dpdTime = 150` Time to detect an IKE SA is down. If the SA is down, an attempt is made to re-establish the SA. If this attempt fails, an alarm is issued. Unit: 1 secs
`Identity[0..1] restricted`	`identityLocal` LocalÂ identity. IfÂ theÂ localÂ identityÂ isÂ notÂ configured,Â itÂ isÂ automaticallyÂ configuredÂ inÂ theÂ systemÂ asÂ follows: a)Â InÂ caseÂ ofÂ certificateÂ basedÂ authentication,Â theÂ localÂ identityÂ isÂ setÂ toÂ theÂ sameÂ valueÂ asÂ specifiedÂ byÂ theÂ subjectÂ altÂ nameÂ inÂ theÂ certificateÂ thatÂ theÂ nodeÂ use. b)Â InÂ caseÂ ofÂ presharedÂ key-basedÂ authentication,Â theÂ localÂ identityÂ isÂ setÂ toÂ theÂ localÂ IPÂ addressÂ ofÂ theÂ tunnel.
`string key mandatory noNotification restricted`	`ikev1PolicyProfileId` Value component of the RDN.
`Ikev1Proposal[1..] nonUnique ordered mandatory restricted`	`ikev1Proposal` Ordered list of IKE transforms (proposals) to be used for IKE SA negotiation. At least one IKE transform must be specified. The first one in the list has the highest priority.
`uint32 restricted`	`phase1SaLifetime = 180` Lifetime for Phase 1 SA. Unit: 1 mins
`ManagedObject[0..1] restricted`	`trustCategory` Reference to a trusted certificates group. Valid reference is TrustCategory in Certificate Management Branch. If credential and trustCategory are not specified, then pre-shared key based authentication is selected. The referring Ikev1Session instances have to have pre-shared keys installed.
`string[0..1] restricted`	`userLabel` Label for free use.

class Ikev1PolicyProfile

class Ikev1Session

..

+-Transport

+-Host

+-IpsecTunnel

+-Ikev1Session

RuntimeÂ informationÂ onÂ IKEv2Â session.

References to:: Ikev1PolicyProfile;

Actions
`void`	`installPreSharedKey ( string presharedKey );` Install a preshared key for this IKEv1 session. If both credential and trustCategory have valid references, then the preshared key is not used even if it is installed. Parameters Name: presharedKey Description: String used as presharedkey.

Attributes
`Identity[0..1] restricted`	`identityRemote` IdentityÂ ofÂ theÂ IKEv1Â peer. IfÂ identityRemoteÂ isÂ notÂ specified,Â theÂ sessionÂ willÂ validateÂ theÂ remoteÂ IKEÂ identifyÂ asÂ follows: a)Â InÂ caseÂ ofÂ certificateÂ basedÂ authentication,Â theÂ peer’sÂ IKEÂ IDÂ mustÂ beÂ consistentÂ withÂ eitherÂ theÂ subjectÂ altÂ nameÂ orÂ theÂ subjectÂ fieldÂ inÂ theÂ peersÂ certificate; b)Â InÂ caseÂ ofÂ pre-sharedÂ keyÂ basedÂ authentication,Â theÂ peer'sÂ IKEÂ IDÂ mustÂ beÂ consistentÂ withÂ theÂ configuredÂ IPÂ addressÂ ofÂ theÂ peer.
`Ikev1PolicyProfile mandatory restricted`	`ikev1PolicyProfile` ReferenceÂ toÂ anÂ IKEÂ profileÂ instance.
`string key mandatory noNotification restricted`	`ikev1SessionId` Value component of the RDN.
`string[0..1] restricted`	`userLabel` Label for free use.

class Ikev1Session

class Ikev2PolicyProfile

..

+-Transport

+-Host

+-Ikev2PolicyProfile

Common information for multiple IKE sessions to be instantiated on a managed element.

One or more Ikev2Session instances might refer to this instance.

References from:: Ikev2Session;
References to:: ManagedObject;

Attributes
`ConnectionType restricted`	`connectionType = BOTH` Connection type of the IKEv2 session.
`ManagedObject[0..1] restricted`	`credential` Reference to the managed element own credential to be used in IKEv2 negotiation. Valid reference is a NodeCredential in Certificate Management Branch. If credential and trustCategory are not specified, then preshared key-based authentication is selected. The referring Ikev2Session instances must have preshared keys installed.
`uint32 restricted`	`dpdKeepAliveInterval = 30` The keep alive interval with which INFORMATIONAL exchanges are sent to the peer. Unit: 1 secs
`Identity[0..1] restricted`	`identityLocal` Local identity. If the local identity is not configured, it is automatically configured in the system as follows: a) In case of certificate based authentication, the local identity is set to the same value as specified by the subject alt name in the certificate that the node use. b) In case of preshared key-based authentication, the local identity is set to the local IP address of the tunnel.
`uint32 restricted`	`ikeSaLifetime = 180` Lifetime for IKE SA. Unit: 1 mins
`string key mandatory noNotification restricted`	`ikev2PolicyProfileId` Value component of the RDN.
`Ikev2Proposal[1..] nonUnique ordered mandatory restricted`	`ikev2Proposal` Ordered list of IKE proposals to be used for IKE SA negotiation. At least one IKE proposal must be specified. The first one in the list has the highest priority.
`ManagedObject[0..1] restricted`	`trustCategory` Reference to a trusted certificates group. Valid reference is TrustCategory in Certificate Management Branch. If credential and trustCategory are not specified, then pre-shared key based authentication is selected. The referring Ikev2Session instances have to have pre-shared keys installed.
`string[0..1] restricted`	`userLabel` Label for free use.

class Ikev2PolicyProfile

class Ikev2Session

..

+-Transport

+-Host

+-IpsecTunnel

+-Ikev2Session

Ikev2Session is used to specify that IKEv2 should be used to negotiate SA’s for the tunnel.

It contains parameters specific to the IKEv2 protocol.

References to:: Ikev2PolicyProfile;

Actions

void

installPreSharedKey ( PresharedKey presharedKey );: Install a preshared key for the IKEv2 session.

The installation of the pre-shared key is completed if the action is completed without error. Any error returned by the action indicates that the installation is not performed.
If both credential and trustCategory have valid references, then the preshared key is not used even if it is installed.; Parameters

Name: presharedKey
Description: String used as presharedkey.

Attributes
`Identity[0..1] restricted`	`identityRemote` Identity of the IKEv2 peer. If identityRemote is not specified, the session will validate the remote IKE identify as follows: a) In case of certificate based authentication, the peer’s IKE ID must be consistent with either the subject alt name or the subject field in the peers certificate; b) In case of pre-shared key based authentication, the peer's IKE ID must be consistent with the configured IP address of the peer.
`Ikev2PolicyProfile mandatory restricted`	`ikev2PolicyProfile` Reference to an IKE policy profile instance.
`string key mandatory noNotification restricted`	`ikev2SessionId` Value component of the RDN.
`string[0..1] restricted`	`userLabel` Label for free use.

class Ikev2Session

class IMEICheck

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-EPCAAAService

+-IMEICheck

IMEI Check Control

Attributes
`boolean`	`allowAbsentIMEI = true` With the configuration switch "Enable" of IMEI Check set to "true", if there is no IMEI information sent to AAA, then the behavior depends on the setting of configuration switch of "AllowAbsentIMEI" : true : proceeds with the authentication and authorization false : reject the authentication The default value of this configuration switch is "true". Takes effect: Immediately
`boolean`	`allowGreyList = true` With the configuration switch "Enable" of IMEI Check set to "true", if EIR replys to AAA with the result of "ME Identity in Grey List", then the behavior depends on the setting of configuration switch of "AllowGreyList" : true : proceeds with the authentication and authorization false : reject the authentication The default value of this configuration switch is "true". Takes effect: Immediately
`boolean`	`allowUnknownIMEI = false` With the configuration switch "Enable" of IMEI Check set to "true", if EIR reply to AAA with the result of "Unknown IMEI", then the behavior depends on the setting of configuration switch of "AllowUnknownIMEI" : true : proceeds with the authentication and authorization false : reject the authentication The default value of this configuration switch is "false". Takes effect: Immediately
`boolean`	`enable = false` The configuration switch is to control whether IMEI Check function is enabled or not. true : IMEI Check is enabled. false : IMEI Check is disabled. The default value of this configuration switch is disabled. Takes effect: Immediately
`string key mandatory noNotification restricted`	`imeiCheckId` The value component of the RDN.

class IMEICheck

class IntegrationUnlock

..

+-SystemFunctions

+-Lm

+-IntegrationUnlock

Integration Unlock state information.

This MO is created by the system.

Attributes
`uint8 readOnly`	`activationsLeft` Remaining allowed Integration Unlock activations left.
`LmActivationState readOnly`	`activationState` Activation state of Integration Unlock.
`DateTime[0..1] readOnly`	`expiration` Expiry date and time of Integration Unlock. The value is NULL if the activation state is INACTIVE.
`string key mandatory noNotification restricted`	`integrationUnlockId` The value component of the RDN.

class IntegrationUnlock

class IPAllocationService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-IPAllocationService

This Managed Object Class is for AAA IP allocation service configuration.

Attributes
`uint32`	`cachedLeaseNumInServer = 0` Specifies the cached lease number in server. It is used to improve efficiency. Takes effect: After next restart
`boolean`	`ipAllocateByNas = false` If the value is true, IPWorks will send frame IP address value 255.255.255.254, and NAS can take 255.255.255.254 as a signal to allocate ip by NAS itself. Takes effect: After next restart
`string key mandatory noNotification restricted`	`ipAllocationServiceId` The value component of the RDN.
`boolean`	`ipv4alloc = false` Before enabling the AAA IPv4 allocation, the RadiusAAAService-->AccountingService-->csvMode must be "SESSION_BASED_CSV" and RadiusAAAService-->AAASessionControl-->records must include the "User-Name, Framed-IP-Address, Framed-IP-Netmask, IP-Alloc-Pool" attribute. Takes effect: After next restart
`boolean`	`ipv6PrefixAlloc = false` Before enabling the AAA IPv6 prefix allocation, the RadiusAAAService-->AccountingService-->csvMode must be "SESSION_BASED_CSV" and RadiusAAAService-->AAASessionControl-->records must include the "User-Name, Framed-IPv6-Address, IPv6-Prefix-Pool" attribute. Takes effect: After next restart
`uint32`	`preparedLeaseNumInPool = 100000` Specifies the number of prepared lease. Takes effect: After next restart
`uint8`	`threshold4UsedIpInPool = 80 { 1..99 }` Specifies the threshold that will trigger the alarm if the IP addresses allocated in a pool exceed the configured threshold as a percentage of total IP addresses in this pool. Takes effect: After next restart
`uint8`	`threshold4UsedIpInServer = 80 { 1..99 }` Specifies the threshold that will trigger the alarm if the IP addresses allocated exceed the configured threshold as a percentage of total IP addresses. Takes effect: After next restart

class IPAllocationService

class IpsecPolicy

..

+-Transport

+-Host

+-IpsecTunnel

+-IpsecPolicy

Holds configuration information for Ipsec policies.

References to:: IpsecProposalProfile;

Attributes
`string key mandatory noNotification restricted`	`ipsecPolicyId` Value component of the RDN.
`IpsecProposalProfile mandatory restricted`	`ipsecProposalProfile` Reference to an Ipsec transform profile.
`TrafficSelector[0..] nonUnique ordered restricted`	`localTrafficSelector` Ordered list of traffic selectors to be used for SA negotiation. If localTrafficSelector is not specified, it means that all the local addresses and subnets within the current routing domain are included. The first in the list has the highest priority.
`TrafficSelector[0..] nonUnique ordered restricted`	`remoteTrafficSelector` Ordered list of traffic selectors to be used for SA negotiation. If remoteTrafficSelector is not specified, it means wildcard(i.e. any possible IP address, protocol etc). The first in the list has the highest priority.
`string[0..1] restricted`	`userLabel` Label for free use.

class IpsecPolicy

class IpsecProposalProfile

..

+-Transport

+-Host

+-IpsecProposalProfile

Configuration information for Ipsec policies.

References from:: IpsecPolicy; Phase2Policy;

Attributes
`ChildSaLifetime mandatory restricted`	`childSaLifetime` Lifetime for the negotiated ChildSAs.
`IpsecProposal[1..] nonUnique ordered mandatory restricted`	`ipsecProposal` An ordered list of Ipsec transforms to be proposed during IKEv2 negotiation.
`string key mandatory noNotification restricted`	`ipsecProposalProfileId` Value component of the RDN.
`string[0..1] restricted`	`userLabel` Label for free use.

class IpsecProposalProfile

class IpsecTunnel

..

+-Transport

+-Host

+-IpsecTunnel

+-Ikev1Session [0..1]

+-Ikev2Session [0..1]

+-IpsecPolicy [0..]

+-Phase2Policy [0..]

Configuration and runtime information of an Ipsec tunnel between two end points.

Attributes
`string key mandatory noNotification restricted`	`ipsecTunnelId` Value component of the RDN.
`IpAddress mandatory restricted`	`localAddressStr` Tunnel local endpoint assigned IP address. Rule: The local and remote address must have the same address family and belong to the same routing domain.
`IpAddress mandatory restricted`	`remoteAddressStr` Tunnel remote end point external IP address. Rule: The local and remote address must have the same address family and belong to the same routing domain.
`string[0..1] restricted`	`userLabel` Label for free use.

class IpsecTunnel

class IPWorksAAACommonRoot

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-AAAServer [1..]

+-AAAServerManager [1..1]

+-GTConvertManager [1..1]

Root class of IPWorks AAA Common

Attributes
`string key mandatory noNotification restricted`	`ipworksAAACommonRootId` The value component of the RDN.

class IPWorksAAACommonRoot

class IPWorksAAARoot

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot [1..1]

+-IPWorksDiameterAAARoot [1..1]

+-IPWorksRadiusAAARoot [1..1]

Root of IPWorks AAA

Attributes
`string key mandatory noNotification restricted`	`ipworksAAARootId` The value component of the RDN.

class IPWorksAAARoot

class IpworksCommonRoot

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo [1..1]

+-IpworksTrace [1..1]

+-StorageServer [1..1]

IPWorks EM Root.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`ipworksCommonRootId` id.
`string`	`serviceType = AAA` Specifies which IPWorks services have been deployed, such as: AAA DNS,ENUM DNS DHCP Takes effect: After next storage server restart.

class IpworksCommonRoot

class IPWorksDHCPRoot

ManagedElement

+-IpworksFunction

+-IPWorksDHCPRoot

+-DHCPServer [0..]

+-DHCPServerManager [1..1]

+-DHCPv4Service [1..1]

+-NACFService [1..1]

IPWorks DHCP configuration root entry

Attributes
`string key mandatory noNotification restricted`	`ipworksDHCPRootId` The value component of the RDN.

class IPWorksDHCPRoot

class IPWorksDiameterAAARoot

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService [1..1]

+-DiameterStack [1..1]

+-SS7Stack [1..1]

Root of IPWorks Diameter AAA

Attributes
`string key mandatory noNotification restricted`	`ipworksDiameterAaaRootId` The value component of the RDN.

class IPWorksDiameterAAARoot

class IpworksDnsRoot

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-AsdnsServer [1..1]

+-DnsServer [1..1]

+-IpworksEnumRoot [1..1]

+-ServerType [1..1]

IPWorks DNS MOC.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`ipworksDnsRootId` The root identifier of the IPWorks DNS.

class IpworksDnsRoot

class IpworksEnumRoot

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumFE [1..1]

+-EnumServer [0..1]

root class of Enum Server

Attributes
`string key mandatory noNotification restricted`	`ipworksEnumRootId` The value component of the RDN.

class IpworksEnumRoot

class IpworksFunction

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot [1..1]

+-IpworksCommonRoot [1..1]

+-IPWorksDHCPRoot [1..1]

+-IpworksDnsRoot [1..1]

IPWorks root MOC.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`ipworksRootId` The id to the IPWorks root element.
`string noNotification readOnly`	`release` The product release of the ManagedFunction. It commonly contains the Managed Function release, for example L12.0, 13A, R1A
`string mandatory`	`userLabel` Used for product free-text description.

class IpworksFunction

class IPWorksLog

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-AAAServer

+-LogManagement

+-IPWorksLog

Diameter Log Class.

Attributes
`string noNotification readOnly`	`directory = /cluster/storage/no-backup/ipworks/logs` Directory to store the log files.
`uint8`	`fileSize = 2 { 1..10 }` Max size of each log file (MB). Unit: 1 MB
`IpworksLogLevel`	`level = LOG_LEVEL_ERROR` Log level Takes effect: Immediately
`ProcessType key mandatory noNotification restricted`	`logId` The value component of the RDN.
`uint8`	`maxLogs = 5 { 1..10 }` Max number of log files for current type. Unit: 1 entries

class IPWorksLog

class IPWorksRadiusAAARoot

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService [1..1]

+-RadiusStack [1..1]

This Managed Object Class is for Root class of IPWorks AAA.

Attributes
`string key mandatory noNotification restricted`	`ipworksRadiusAaaRootId` The value component of the RDN.

class IPWorksRadiusAAARoot

class IpworksTrace

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-IpworksTrace

The Managed Object Class (MOC) for IPWorks Radius and Diameter Trace.

Attributes
`boolean[0..1]`	`enableDiameterTrace = false` Determines whether to enable/disable Diameter trace. Take effect: Immediately
`boolean[0..1]`	`enableRadiusTrace = false` Determines whether to enable/disable Radius trace. Take effect: Immediately
`string key noNotification restricted`	`ipworksTraceId = 1` for ipworks trace group

class IpworksTrace

class IWLANConfig

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-IWLANService

+-IWLANConfig

This Managed Object Class is for IWLAN configuration.

Attributes
`string`	`aaaServerId = 0` Specifies the WLAN AAA server Id. The default value is "0". Takes effect: After next restart
`uint16`	`acctInterimInterval = 600 { 60..65535 }` Specifies the value of WLAN Acct-Interim-Interval. The default value is 600. Takes effect: After next restart
`boolean`	`gprsApnCheckEnabled = false` Specifies if the WLAN GPRS APN is enabled. The default value is false. Takes effect: After next restart
`string key mandatory noNotification restricted`	`iWlanConfigId` The value component of the RDN.
`boolean`	`mandatoryChargingCharacter = false` Specifies if WLAN mandatory Charging Characteristics is enabled. The default value is false. Takes effect: After next restart
`boolean`	`mandatoryCUI = false` Specifies if WLAN mandatory CUI is enabled. The default value is false. Takes effect: After next restart
`uint8`	`odbHPLMNDataBit = 2 { 0..32 }` IPWorks AAA server assumes that the HLR uses the Operator Determined Barring HPLMN data parameters to specify the ability of WiFi Subscription. 1~32: Specifying the used bit 0: Skipping the check Other: Causing the traffic failure The default value is 2. Unit: 1 bit Takes effect: After next restart
`boolean`	`s2aEnabled = false` Specifies if the WLAN S6a is enabled. The default value is false. Takes effect: After next restart
`uint32`	`sessionTimeout = 86400` Specifies the value of WLAN Session-Timeout. The default value is 86400. Takes effect: After next restart
`WLANSubscriptionMode`	`subscriptionAuthzMode = ODB_MODE` Specifies the WLAN subscription Authz Mode, the default value is ODB_MODE. ODB_MODE APN_MODE Takes effect: After next restart
`TerminationAction`	`terminationAction = NO_RADIUS_REQUEST` Specifies the WLAN Termination-Action: NO_RADIUS_REQUEST RADIUS_REQUEST The default value is NO_RADIUS_REQUEST. Takes effect: After next restart
`boolean`	`userNameShowIMSI = false` Specifies if the WLAN uses IMSI as UserName. The default value is false. Takes effect: After next restart
`uint16`	`userRateType = 0` Specifies the WLAN User Rate Type. The default value is 0. Takes effect: After next restart
`string`	`wlan3gppChargingCharacter = 0000` Specifies the WLAN 3GPP Charging Characteristics. The default value is "0000". Takes effect: After next restart
`string`	`wlan3gppGprsNegQosProfile = 05-0A11012901010111050101100101` Specifies the Wlan 3GPP GPRS Negotiated QoS Profile. The default value is "05-0A11012901010111050101100101". Takes effect: After next restart

class IWLANConfig

class IWLANService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-IWLANService

+-IWLANConfig [1..1]

+-RadiusSS7Stack [1..1]

This Managed Object Class is for IWLAN service.

Attributes
`string key mandatory noNotification restricted`	`iWLANServiceId` The value component of the RDN.

class IWLANService

class JavaOam

JavaOam

+-JavaOamContext [1..1]

+-JavaOamPm [0..]

+-JavaOamTrace [0..]

The JavaOam MO represents the root node for the JavaOaM configuration fragment.
The MO is intended for JavaOaM internal configuration and shall not be exposed over the NBI.

Attributes
`string key mandatory noNotification restricted`	`javaOamId` This attribute defines the identity of the JavaOam instance.

class JavaOam

class JavaOamContext

JavaOam

+-JavaOamContext

+-JavaOamContextNamespace [0..]

The JavaOamContext MOC represents the JavaOaM Context configuration.

Attributes
`string key noNotification restricted`	`javaOamContextId = 1` This attribute defines the identity of the JavaOamContext instance.
`string[0..1]`	`userLabel` This attribute defines a user label, which is free to use for any purpose.

class JavaOamContext

class JavaOamContextCriterion

JavaOam

+-JavaOamContext

+-JavaOamContextNamespace

+-JavaOamContextCriterion

The class JavaOaMContextCriterion contains all attributes related to a given criterion.

Attributes
`string key mandatory noNotification restricted`	`javaOamContextCriterionId` This attribute defines the identity of the JavaOaMContextCriterion instance.
`string mandatory`	`key` The key of the context criterion.
`string mandatory`	`value` The value related to this criterion instance.

class JavaOamContextCriterion

class JavaOamContextNamespace

JavaOam

+-JavaOamContext

+-JavaOamContextNamespace

+-JavaOamContextCriterion [0..]

The class JavaOaMContextNamespace contains all attributes related to a given namespace.

Attributes
`boolean`	`enableNamespace = true` This attribute enables this namespace if true or disables it if false.
`string key mandatory noNotification restricted`	`javaOamContextNamespaceId` This attribute defines the identity of the JavaOaMContextNamespace instance.
`string[0..1]`	`userLabel` This attribute defines a user label, which is free to use for any purpose.

class JavaOamContextNamespace

class JavaOamPm

JavaOam

+-JavaOamPm

The JavaOamPm MO represents the JavaOaM PM configuration.

Attributes
`boolean[0..1]`	`enableCmwPm = true` This attribute enables CoreMW PM if true or disables it if false. The default is set to true. The attribute value is read only at JavaOam's start up time.
`boolean[0..1]`	`enableJavaOamPm = true` This attribute enables JavaOaM PM if true or disables it if false. The default is set to true. The attribute value is read only at JavaOam's start up time.
`string key mandatory noNotification restricted`	`javaOamPmId` This attribute defines the identity of the JavaOamPm instance.

class JavaOamPm

class JavaOamTrace

JavaOam

+-JavaOamTrace

The JavaOamTrace MO represents the JavaOaM Trace configuration.

Attributes
`boolean[0..1]`	`enableTrace = true` This attribute enables TRACE if true or disables it if false. The default is set to true. The attribute value is read only at JavaOam's start up time.
`string key mandatory noNotification restricted`	`javaOamTraceId` This attribute defines the identity of the JavaOamTrace instance.
`int32[0..1]`	`maxNumberOfTraceLogsPerMinute` This attribute specifies the maximum number of trace logs per minute.

class JavaOamTrace

class KeyFileInformation

..

+-SystemFunctions

+-Lm

+-KeyFileManagement

+-KeyFileInformation

Basic information about the key file installed on the Managed Element.

This MO is not applicable to LM deployments that connect to Arwa.

This MO is created by the system.

Attributes
`DateTime readOnly`	`installationTime` Date and time when key file was installed on the Managed Element.
`string key mandatory noNotification restricted`	`keyFileInformationId` The value component of the RDN.
`boolean readOnly`	`locatable` Indicates whether or not the key file can currently be located.
`string[0..1] readOnly`	`productType` Identifier of the type of product to which the capacity is related. This attribute is used only in systems where the different applications use separate key files to identify which application or product the capacity belongs to, e.g. “SASN”, “GSN_GGSN”, “SSR 8000”.
`int32 readOnly`	`sequenceNumber = 0` Sequence number of the key file. If sequence number is not available this value is 0.

class KeyFileInformation

class KeyFileManagement

..

+-SystemFunctions

+-Lm

+-KeyFileManagement

+-KeyFileInformation [0..]

Enables installation of key files and provides information about the installed key file.

This MO is not applicable to LM deployments that connect to Arwa.

This MO is not applicable to LM deployments that connect to NeLS.

This MO is created by the system.

Actions

boolean

installKeyFile ( string uri , EcimPasswordString password );: Initiates the key file installation defined by the URI given as a parameter.

The return value is the action Id if the initiation succeeded, otherwise it is 0.

The installation is an asynchronous operation. Progress is reported via attribute reportProgress.; Parameters

Name: uri
Description: The URI of the key file that is to be installed.

The URI may refer to a local (e.g., file://data/dir/subdir/rbs006.xml) or to a remote (e.g., sftp://myuser@myhostname.ericsson.local/dir/subdir/rbs006.xml) file.

If user name is needed to access the referenced file then the URI shall include the user name. The URI must not contain password.

The generic URI syntax is defined by RFC 2396.

sftp support is reserved for future use.

Name: password
Description: Password to access the referenced file.

If authentication is not password based, this parameter will be ignored.

This parameter is reserved for future use.

Attributes
`string key mandatory noNotification restricted`	`keyFileManagementId` The value component of the RDN.
`AsyncActionProgress[0..1] readOnly`	`reportProgress` Reference to the progress report including the result of the initiated key file installation.

class KeyFileManagement

class Ldap

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LdapAuthenticationMethod

+-Ldap

+-EricssonFilter [0..1]

+-Filter [0..1]

Contains the configurable information on primary and secondary LDAP directories.

This MO is created by the system.

References to:: ManagedObject;

Attributes
`string mandatory`	`baseDn` Default base DN to use in LDAP operations. The base DN must be specified in an LDAP DN format, for example, 'ou=people,dc=mycompany,dc=com'. All LDAP objects used for authentication and authorization must be accessible from the base DN.
`string[0..1]`	`bindDn` Default bind DN used to access the LDAP servers. When configured, the ME uses the specified DN as the bind name for LDAP searches. The bind DN must be specified in an LDAP DN format, for example 'cn=bindaccount,dc=mycompany,dc=com'.
`EcimPassword[0..1]`	`bindPassword` Password used with bindDn to access the LDAP servers. When configured, the ME establishes a password-based LDAP simple bind.
`IpDNSAddress[0..1]`	`fallbackLdapIpAddress` The IP or DNS address of the fallback LDAP server. The fallback server is used when the primary server is inaccessible. Default port number used is 389. The selected tlsMode overrides the default port number.
`FilterType[0..1] noNotification`	`filterType` The filterType selects method for user authorization. POSIX_GROUPS - Roles for authorization are selected from LDAP database based on standard Posix account and Posix Group schemas. The cn attribute of the Posix Group object is treated as role. ERICSSON_ROLES - Roles for authorization are selected from LDAP database based on Posix account extended with auxiliary attribute ericssonUserAuthorizationScope. FLEXIBLE - Roles for authorization are selected from LDAP database based on attributes specified in the contained Filter object.This entity is deprecated use profileFilter instead. Deprecated:
`string key mandatory noNotification restricted`	`ldapId` The value component of the RDN.
`IpDNSAddress mandatory`	`ldapIpAddress` The IP or DNS address of the primary LDAP server. Default port number used is 389. The selected tlsMode overrides the default port number.
`ManagedObject[0..1]`	`nodeCredential` The credential used for LDAP. Specifies the DN of a NodeCredential MO in Certificate Management.
`string[0..] noNotification`	`nodeType` The type or types of network node current managed element represents in management perspective. The value of this attribute is used, when a role defined in the LDAP database is prefixed with Node Type. Roles definitions where the Node Type prefix does not match are skipped. For example nodeType=ims.kista.se. This entity is deprecated. Deprecated:
`ProfileFilter[0..1]`	`profileFilter` Selects an LDAP filter to determine the user's authorization profile. Authorization profiles are used by authorization methods. For ERICSSON_FILTER, the contained EricssonFilter MO must exist. For FLEXIBLE, the contained Filter MO must exist.
`string[0..1] noNotification`	`roleAliasesBaseDn` LDAP base DN to a subtree of objects that is used to resolve alias roles to real roles. The DN for such an object is role=[role], roleAliasesBaseDn. For example: If roleAliasesBaseDn = "dc=example,dc=com" and the user has role Admin, then if the object "role=Admin,dc=example,dc=com" exists and has attribute name = Administrator, the user gets the role Administrator instead. This entity is deprecated. Deprecated:
`uint16[0..1]`	`serverPort` Specifies the server port number to access the primary and secondary LDAP servers. Must only be specified when the default port number is not in use. Default ports are: 389, when useTls is false. 389, when useTls is true and tlsMode is STARTTLS. 636, when useTls is true and tlsMode is LDAPS.
`string[0..1]`	`tlsCaCertificate` Certificate Authority's (CA) certificate that signed the LDAP server certificate. The CA certificate is used to authenticate the server certificate. The CA certificate is provided by the operator and can be represented as follows: /etc/ssl/certs/cacert.pem. This attribute is deprecated. If this attribute is set, attribute trustCategory is ignored. Deprecated: Deprecated in version 2.0. Attribute trustCategory replaced its function. If this attribute is set, attribute trustCategory is ignored.
`string[0..1]`	`tlsClientCertificate` Client certificate used when the LDAP server needs to authenticate the client. It is generated and provided by the operator. Example of client certificate representation: /home/ldap-user/certs/client.cert.pem. This attribute is deprecated. When this attribute is set, attribute nodeCredential is ignored. Deprecated: Deprecated in version 2.0. Attribute nodeCredential replaced its function. If this attribute is set, attribute nodeCredential is ignored.
`string[0..1]`	`tlsClientKey` Specifies the private key for the client certificate referred to by the tlsClientCertificate attribute. The key is generated and provided by the operator. Example of client key representation: /home/ldap-user/certs/keys/client.key.pem This attribute is deprecated. If this attribute is set, attribute nodeCredential is ignored. Deprecated: Deprecated in version 2.0. Attribute nodeCredential replaced its function. If this attribute is set, attribute nodeCredential is ignored.
`TlsMode`	`tlsMode = STARTTLS` Toggles the TLS establishment mode to access the primary and secondary LDAP servers. Takes effect when useTls is true.
`ManagedObject[0..1]`	`trustCategory` The set of certificates trusted by LDAP. Specifies the DN of a TrustCategory MO in Certificate Management.
`boolean`	`useReferrals = false` Toggle to enable the use of referrals. When set to false, the ME ignores referrals returned by the LDAP server. When set to true, the ME follows referrals. Referrals can be used for authentication and authorization only if the referral URI refers back to a directory tree within the same LDAP server instance; otherwise, access is denied for referred user accounts.
`string[0..1]`	`userLabel` An additional descriptive text.
`boolean mandatory`	`useTls` Toggle to enable TLS access to primary and secondary LDAP targets.
`boolean`	`useTlsFallback = false` Toggle to enable TLS access to the secondary LDAP target. This attribute is deprecated. Deprecated: Deprecated in version 2.0. Attribute useTls configures TLS for the primary and fallback server.

class Ldap

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LdapAuthenticationMethod

+-Ldap

+-EricssonFilter [0..1]

+-Filter [0..1]

Contains the configurable information on primary and secondary LDAP directories.

This MO is created by the system.

References to:: ManagedObject;

Attributes
`LdapDistinguishedName mandatory`	`baseDn` Default base DN to use in LDAP operations. The base DN must be specified in an LDAP DN format, for example, 'ou=people,dc=mycompany,dc=com'. All LDAP objects used for authentication and authorization must be accessible from the base DN.
`LdapDistinguishedName[0..1]`	`bindDn` Default bind DN used to access the LDAP servers. When configured, the ME uses the specified DN as the bind name for LDAP searches. The bind DN must be specified in an LDAP DN format, for example 'cn=bindaccount,dc=mycompany,dc=com'.
`EcimPassword[0..1]`	`bindPassword` Password used with bindDn to access the LDAP servers. When configured, the ME establishes a password-based LDAP simple bind.
`IpDNSAddress[0..1]`	`fallbackLdapIpAddress` The IP or DNS address of the fallback LDAP server. The fallback server is used when the primary server is inaccessible. Default port number used is 389. The selected tlsMode overrides the default port number.
`string key mandatory noNotification restricted`	`ldapId` The value component of the RDN.
`IpDNSAddress mandatory`	`ldapIpAddress` The IP or DNS address of the primary LDAP server. Default port number used is 389. The selected tlsMode overrides the default port number.
`ManagedObject[0..1]`	`nodeCredential` The credential used for LDAP. Specifies the DN of a NodeCredential MO in Certificate Management.
`ProfileFilter[0..1]`	`profileFilter` Selects an LDAP filter to determine the user's authorization profile. Authorization profiles are used by authorization methods. For ERICSSON_FILTER, the contained EricssonFilter MO must exist. For FLEXIBLE, the contained Filter MO must exist.
`uint16[0..1]`	`serverPort` Specifies the server port number to access the primary and secondary LDAP servers. Must only be specified when the default port number is not in use. Default ports are: 389, when useTls is false. 389, when useTls is true and tlsMode is STARTTLS. 636, when useTls is true and tlsMode is LDAPS.
`TlsMode`	`tlsMode = STARTTLS` Toggles the TLS establishment mode to access the primary and secondary LDAP servers. Takes effect when useTls is true.
`ManagedObject[0..1]`	`trustCategory` The set of certificates trusted by LDAP. Specifies the DN of a TrustCategory MO in Certificate Management.
`boolean`	`useReferrals = false` Toggle to enable the use of referrals. When set to false, the ME ignores referrals returned by the LDAP server. When set to true, the ME follows referrals. Referrals can be used for authentication and authorization only if the referral URI refers back to a directory tree within the same LDAP server instance; otherwise, access is denied for referred user accounts.
`string[0..1]`	`userLabel` An additional descriptive text.
`boolean mandatory`	`useTls` Toggle to enable TLS access to primary and secondary LDAP targets.

class Ldap

class LdapAuthenticationMethod

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LdapAuthenticationMethod

+-Ldap [1..1]

Root MOC of the LDAP Authentication Method.

LDAP-based authentication uses a directory to store a user's credentials and allows them to be queried over a secure LDAP interface.

This MO is created by the system.

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state of this authorization method.
`string key mandatory noNotification restricted`	`ldapAuthenticationMethodId` The value component of the RDN.
`string[0..1]`	`userLabel` An additional descriptive text.

class LdapAuthenticationMethod

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LdapAuthenticationMethod

+-Ldap [1..1]

Root MOC of the LDAP Authentication Method.

LDAP-based authentication uses a directory to store a user's credentials and allows them to be queried over a secure LDAP interface.

This MO is created by the system.

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state of this authorization method.
`string key mandatory noNotification restricted`	`ldapAuthenticationMethodId` The value component of the RDN.
`string[0..1]`	`userLabel` An additional descriptive text.

class LdapAuthenticationMethod

class LdapOption

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-CudbManager

+-CudbServiceSite

+-LdapOption

LDAP options

Attributes
`string key mandatory noNotification restricted`	`ldapOptionId` LDAP options
`LdapSearchDeref`	`searchDereference = ALWAYS_DEREF` LDAP search dereference. Takes effect: After next restart
`uint32`	`sizeLimit = 0` Value for LDAP SIZELIMIT option. Takes effect: After next restart
`boolean`	`synchronousQuery = true` LDAP synchronous query or asynchronous query. true: LDAP synchronous query. false: LDAP asynchronous query. Takes effect: After next restart
`uint32`	`timeLimit = 0` Value for LDAP TIMELIMIT option. Takes effect: After next restart

class LdapOption

class Legacy

ManagedElement

+-Legacy

Introduced to support deprecated types

Filter: hidden

Attributes
`AdmState[0..1] readOnly`	`admState` Legacy attribute deprecated in ECIM_Top and moved to ECIM_CommonLibrary. Filter: hidden
`BasicAdmState[0..1] readOnly`	`basicAdmState` Legacy attribute deprecated in ECIM_Top and moved to ECIM_CommonLibrary. Filter: hidden
`DateTime[0..1] readOnly`	`dateTime` Legacy attribute deprecated in ECIM_Top and moved to ECIM_CommonLibrary. Filter: hidden
`IpDNSAddress[0..1] readOnly`	`ipDNSAddress` Legacy attribute deprecated in ECIM_Top and moved to ECIM_CommonLibrary. Filter: hidden
`string key mandatory noNotification restricted`	`legacyId` The value component of the RDN. Filter: hidden
`OperState[0..1] readOnly`	`operState` Legacy attribute deprecated in ECIM_Top and moved to ECIM_CommonLibrary. Filter: hidden
`SchemaFormat[0..1] readOnly`	`schemaFormat` Legacy attribute deprecated in ECIM_Top and moved to ECIM_CommonLibrary. Filter: hidden

class Legacy

class Lm

..

+-SystemFunctions

+-Lm

+-ArwaConfiguration [0..1]

+-AutonomousMode [0..1]

+-CapacityKey [0..]

+-EmergencyUnlock [1..1]

+-FeatureKey [0..]

+-IntegrationUnlock [0..1]

+-KeyFileManagement [0..1]

+-NeLSConfiguration [0..1]

Supports activities and contains information related to license management.

This MO is created by the system.

Actions
`boolean`	`publishLicenseInventory ( );` Publish the License Inventory. Triggers the immediate publication of license information from the License Key File and usage information from the LmServer cache to the information model. Return value is true if the publication is successful, false otherwise. For LM deployments that connect to Arwa, the license information is retrieved from the Arwa License Server.
`boolean`	`refreshLicenseInventory ( );` Initiates the synchronization of Managed Element's license inventory. Return value is true if the synchronization succeeded, otherwise false. This action is not applicable to LM deployments that connect to NeLS.

Attributes
`LmPercentageType[0..1]`	`capacityAlarmHysteresis = 5` Specifies alarm hysteresis percentage for capacity licenses. When a capacity reservation alarm is active, the reservation level has to drop below the alarm threshold by the hysteresis amount in order for the alarm to be cleared or downgraded.
`LmPercentageType[0..1]`	`capacityAlarmThreshold = 80` The capacity reservation percentage level at which a minor alarm will be raised.
`string mandatory`	`fingerprint` The unique identification of the Managed Element. Limited to 256 alphanumeric characters including hyphens (-) and underscores (_), no white spaces. This attribute is not applicable to LM deployments that connect to Arwa.
`boolean readOnly`	`fingerprintUpdateable` Indicates whether or not the fingerprint of the Managed Element can be updated. This attribute is not applicable to LM deployments that connect to Arwa.
`DateTime readOnly`	`lastInventoryChange` Date and time of the last change in the license inventory. Change in the license inventory may occur when the key file is updated on the Managed Element or when license information is refreshed by synchronizing with license servers. This attribute is not applicable to LM deployments that connect to Arwa.
`DateTime readOnly`	`lastLicenseInventoryRefresh` Date and time when License Manager last synchronized the license inventory of the Managed Element.
`uint32[0..1]`	`licenseExpirationWarning = 7` License Expiration advance warning interval. The number of days before expiration of a license at which LM raises a LmLicenseExpired alarm with severity=minor.
`string key mandatory noNotification restricted`	`lmId` The value component of the RDN.
`LmState readOnly`	`lmState` The current operational state of the License Manager.
`string[0..1] readOnly`	`lockingCode` Locking code to be used by the supply organization to provide site-specific license key files. This attribute is not applicable to LM deployments that connect to Arwa or LM deployments using ELIM.
`string[0..]`	`referenceToLicenseServer` Reference to the primary license server used by the License Manager. For instance, the reference can contain the IP address of the server or locate its configuration interface. The attribute value is NULL if the License Manager does not rely on any license server. When the reference contains the IP address and port numbers of the servers, it is formatted as follows: IPv4: <IP_Address>:<Port_Number> IPv6: [<IP_Address>]:<Port_Number> (for future use)
`uint32[0..1]`	`serverReconnectAttemptInterval = 30` License Server Reconnect Attempt Interval. The interval, in seconds, between automatic reconnection attempts when LM has lost connection to all configured license servers.
`uint32[0..1]`	`serverSynchronizationInterval = 30` License Server Synchronization Interval. The interval, in minutes, at which LM automatically synchronizes license information with the license server. This attribute is not applicable to LM deployments that connect to NeLS.

class Lm

class LocalAuthenticationMethod

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-AccountPolicy [0..]

+-AdministratorAccount [1..1]

+-PasswordPolicy [0..]

+-PasswordQuality [1..1]

+-UserAccountM [1..1]

The root MOC of Local Authentication.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`localAuthenticationMethodId` The value component of the RDN.
`string[0..1]`	`userLabel` An additional descriptive text.

class LocalAuthenticationMethod

class LocalAuthorizationMethod

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthorizationMethod

+-CustomRole [0..]

+-CustomRule [0..]

+-Role [0..]

The Root MOC of the Local Authorization method.

Roles and authorization rules are defined to build a Role Based Access Control (RBAC) model for controlling access to Managed Element resources such as Managed Objects, attributes, actions and CLI commands.

This MO is created by the system.

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state of this authorization method.
`string key mandatory noNotification restricted`	`localAuthorizationMethodId` The value component of the RDN.
`string[0..1]`	`userLabel` An additional descriptive text.

class LocalAuthorizationMethod

class Log

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumServer

+-Log

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumServer

+-Erh

+-ErhSs7

+-Log

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-IpworksEnumRoot

+-EnumServer

+-Erh

+-ErhLdap

+-Log

The class Log controls ENUM and Erh Service log generation.

Attributes
`string readOnly`	`directory = /cluster/storage/no-backup/ipworks/logs` The directory where the log files are retained. Note: This parameter cannot be changed currently.
`uint32`	`fileSize = 10 { 1..20 }` The maximum allowable size for log files. (Unit:MB) When a file grows larger than the maximum file size, it will be closed and a new file will be generated.
`uint16`	`filesNumber = 5 { 1..20 }` The number of log files.
`IpworksLogLevel`	`level = LOG_LEVEL_ERROR` The log level.
`string key mandatory noNotification restricted`	`logId` The key attribute.
`IpworksLogTimelyRotate`	`timelyRotate = DISABLE` Specifies the time-based condition under which a new log file is started. DISABLE: No time-based condition (only the size-limit causes a new file to be created). This is the default. HOURLY: a new transaction log is created on the hour. DAILY: a new transaction log is created at the start of the day (00:00:00 Universal Time). WEEKLY: a new transaction log is created at the start of a new week (Sunday morning). MONTHLY: a new transaction log is created at the start of a new month. A new log file is created when either the time-based condition occurs or the file size limit is reached.

class Log

class LogicalFs

..

+-SystemFunctions

+-FileM

+-LogicalFs

+-FileGroup [0..]

+-FileMConfigData [1..1]

Represents the root of a file system where files exposed over the NBI are represented.
The included class FileGroup allows grouping of logically related files.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`logicalFsId` Value component of the RDN.
`string[0..1]`	`userLabel` Label for free use.

class LogicalFs

class LogManagement

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-AAAServer

+-LogManagement

+-IPWorksLog [0..]

Log management

Attributes
`string key mandatory noNotification restricted`	`logManagementId` The value component of the RDN.

class LogManagement

class ManagedElement

ManagedElement

+-Equipment [1..1]

+-IpworksFunction [1..1]

+-Legacy [0..1]

+-SystemFunctions [1..1]

+-Transport [0..1]

The top-level class in the Common Information Model is Managed Element root Managed Object Class.
From this class, all model entities are contained. The Managed Object Class (MOC) has attributes that provide information on the Managed Element Identity, primary location and the products it contains.

This MO is created by the system.

References from:: Host;

Attributes
`DifferenceFromUTC[0..1] readOnly`	`dateTimeOffset` Deprecated. Difference between the value of the localDateTime attribute and UTC. Deprecated: Deprecated at version 2.3. Functionality replaced by TimeM model.”
`string[0..1]`	`dnPrefix` It provides naming context that allows the managed objects to be partitioned into logical domains. A Distingushed Name (DN) is defined by 3GPP TS 32.300, which splits the DN into a DN Prefix and Local DN, for example DN format: dnPrefix=<DN Prefix>, localDn =<Local DN> Fault Management: dnPrefix does not impact Fault Management, since an NMS recognises a Managed Element by IP address Performance Management (PM): The dnPrefix is present in the PM Data file, Result Output Period (ROP) file, if the dnPrefix attribute is specified, that is, not an empty string. Example: DC=ericsson.se,g3SubNetwork=Sweden Example: DC=ericsson.se,g3SubNetwork=Sweden
`DateTimeWithoutOffset[0..1] readOnly`	`localDateTime` Deprecated. This is the local date and time for the Managed Element. The following format is used: YYYY-MM-DDThh:mm:ss The meaning of each field is as follows: YYYY = four digit year MM = two digit month (01=January, etc.) DD = two digit day of month (01 through 31) T = time designator (shows start of time component) hh = two digits of hour (00 through 23, AM/PM not allowed) mm = two digits of minute (00 through 59) ss = two digits of second (00 through 59, leap second not allowed) The hyphen [-] and the colon [:] are used as separators within the date and time of day expressions, respectively. Deprecated: Deprecated at version 2.3. Functionality replaced by TimeM model.” Specification: ISO 8601:2004(E)
`string key mandatory noNotification restricted`	`managedElementId` Holds the name used when identifying the MO.
`string readOnly`	`managedElementType` The type of product being managed. For example the type could be RBS or CSCF.
`string[0..1]`	`networkManagedElementId` Replaces the value component of the RDN in the COM Northbound Interface. This attribute shall, if used, be set to a simple alphanumeric value. The value should be unique within the network namespace.
`ProductIdentity[0..]`	`productIdentity` Contains product information for the Managed Element and its Managed Functions. This attribute is deprecated. Deprecated:
`string readOnly`	`release` The release of the product type specified by the attribute managedElementType. It commonly contains the Managed Element release, for example L12.0, 13A, R1A
`string[0..1]`	`siteLocation` A freetext attribute describing the geographic location of a Managed Element.
`string[0..1] readOnly`	`timeZone` DEPRECATED. This is the timeZone in which the Managed Element resides. The possible values for this attribute are defined in the public-domain zoneinfo or Olson database. Locations are identified by a string indicating the continent or ocean and then the name of the location, typically the largest city within the region. See http://www.iana.org/time-zones for more information. Example: Europe/Stockholm. Deprecated: Deprecated at version 2.3. Functionality replaced by TimeM model.
`string[0..1]`	`userLabel` A freetext string for additional information to assist Managed Element identification.

class ManagedElement

ManagedElement

The top-level class in the Common Information Model is Managed Element root Managed Object Class.
From this class, all model entities are contained. The Managed Object Class (MOC) has attributes that provide information on the Managed Element Identity, primary location and the products it contains.

This MO is created by the system.

References from:: Host;

Attributes
`DifferenceFromUTC[0..1] readOnly`	`dateTimeOffset` Difference between the value of the localDateTime attribute and UTC.
`string[0..1]`	`dnPrefix` It provides naming context that allows the managed objects to be partitioned into logical domains. A Distingushed Name (DN) is defined by 3GPP TS 32.300, which splits the DN into a DN Prefix and Local DN, for example DN format: dnPrefix=<DN Prefix>, localDn =<Local DN> Fault Management: dnPrefix does not impact Fault Management, since an NMS recognises a Managed Element by IP address Performance Management (PM): The dnPrefix is present in the PM Data file, Result Output Period (ROP) file, if the dnPrefix attribute is specified, that is, not an empty string. Example: DC=ericsson.se,g3SubNetwork=Sweden Example: DC=ericsson.se,g3SubNetwork=Sweden
`DateTimeWithoutOffset[0..1] readOnly`	`localDateTime` This is the local date and time for the Managed Element. The following format is used: YYYY-MM-DDThh:mm:ss The meaning of each field is as follows: YYYY = four digit year MM = two digit month (01=January, etc.) DD = two digit day of month (01 through 31) T = time designator (shows start of time component) hh = two digits of hour (00 through 23, AM/PM not allowed) mm = two digits of minute (00 through 59) ss = two digits of second (00 through 59, leap second not allowed) The hyphen [-] and the colon [:] are used as separators within the date and time of day expressions, respectively. Specification: ISO 8601:2004(E)
`string key mandatory noNotification restricted`	`managedElementId` The value component of the Relative Distinguished Name (RDN).
`string readOnly`	`managedElementType` The type of product being managed. For example the type could be RBS or CSCF.
`ProductIdentity[0..]`	`productIdentity` Contains product information for the Managed Element and its Managed Functions. This attribute is deprecated. Deprecated:
`string readOnly`	`release` The release of the product type specified by the attribute managedElementType. It commonly contains the Managed Element release, for example L12.0, 13A, R1A
`string[0..1]`	`siteLocation` A freetext attribute describing the geographic location of a Managed Element.
`string[0..1] readOnly`	`timeZone` This is the timeZone in which the Managed Element resides. The possible values for this attribute are defined in the public-domain zoneinfo or Olson database. Locations are identified by a string indicating the continent or ocean and then the name of the location, typically the largest city within the region. See http://www.iana.org/time-zones for more information. Example: Europe/Stockholm.
`string[0..1]`	`userLabel` A freetext string for additional information to assist Managed Element identification.

class ManagedElement

class ManagedObject

ManagedObject

The ManagedObject MO represents a generic MO type. It does not represent any real resource in the system and can therefore not be instanciated. It is used as a MO-reference that can refer to multiple MO types.

References from:: AccountPolicy; CliTls; ComputeResourceRole; FileGroup; FtpTls; FtpTlsServer; Ikev1PolicyProfile; Ikev2PolicyProfile; Ldap; Ldap; NetconfTls; NodeCredential; PasswordPolicy; PasswordQuality; PmMeasurementCapabilities; Role; RoleUpgrade; Snmp; SwVersionMain; TrustCategory;

class ManagedObject

class MeasurementReader

..

+-SystemFunctions

+-Pm

+-PmJob

+-MeasurementReader

+-PmThresholdMonitoring [0..4]

Represents the capability to read the value of the MeasurementType or group of MeasurementTypes.
There can be many Measurement Reader instances for each job (one for each MeasurementType or PmGroup).
For a Threshold Job, only a MeasurementType instance can be referenced by the Measurement Reader.

Attributes
`string key mandatory noNotification restricted`	`measurementReaderId` Holds the name used when identifying the MO.
`MeasurementReaderNameValue[0..] noNotification readOnly`	`measurementReaderNameValue` Contains the real-time measurement data. Only used by a PM job of type REALTIMEJOB.
`MeasurementSpecification mandatory`	`measurementSpecification` This struct allows reference to either MeasurementType or PmGroup of MeasurementTypes to be defined.
`MoFilter[0..] nonUnique`	`moInstances` Target MO instance or instances. If not set, the job is applied to all MO instances relevant to the selected PmGroup or MeasurementType.
`ThresholdDirection[0..1]`	`thresholdDirection` Specifies the threshold direction. Used when the thresholdDirection in the MeasurementType instance is not set. If neither is set, the default value is used. Only applicable when jobType = THRESHOLDJOB.
`PerTimeInterval[0..1]`	`thresholdRateOfVariation = PER_SECOND` Time interval used for monitoring the Measurement Type against a threshold. Specifies, for Threshold Monitoring of a Cumulative Counter Measurement Type, how to calculate the value of the Measurement Type used to compare against the threshold. Only applicable when jobType = THRESHOLDJOB.

class MeasurementReader

class MeasurementType

..

+-SystemFunctions

+-Pm

+-PmGroup

+-MeasurementType

Defines a Measurement Type on the Managed Element to be monitored and collected.
MeasurementType is unique within the PM Group.

This MO is created by the system.

References to:: FmAlarmType;

Attributes
`Aggregation noNotification readOnly`	`aggregation` Describes how the PM service aggregates the measurement values for measurement instances.
`CollectionMethod noNotification readOnly`	`collectionMethod` Contains the form in which this measurement data is obtained.
`string noNotification readOnly`	`condition` Details the condition which causes the measurement result data to be updated.
`int16[0..1] noNotification readOnly`	`derSampleRate` Specifies the sample rate for DER counters. Defined as according to 3GPP 32.401. Data related to a particular event is captured. Every nth event is registered, where n can be 1 or greater. This attribute defines n. Only applicable when collectionMethod = DER.
`string noNotification readOnly`	`description` A comprehensible explanation of this measurement.
`FmAlarmType[0..1] noNotification readOnly`	`fmAlarmType` FmAlarmType associated to Threshold Monitoring of this MeasurementType. No value means that this MeasurementType is not available for selection for a PM Threshold Job.
`int32[0..1] noNotification readOnly`	`initialValue` The initial value to which the Measurement Type is set at the beginning of a new granularity period. Only applicable when resetAtGranPeriod = true. No value means it is reset to 0.
`boolean[0..1] readOnly`	`isCompressed` Indicates if the MeasurementType result is in compressed format. For MeasurementTypes with multiplicity greater than 1, the result can be compressed by only reporting the non-zero values. A detailed explanation of the format of the measurement result is given in the measurementResult attribute. No value means that this MeasurementType is not compressed.
`string noNotification readOnly`	`measurementName` The full name of the measurement type.
`string[0..1] noNotification readOnly`	`measurementResult` Contains a description of expected result value or values. For example, "a single integer value". See 3GPP 32.404.
`MeasurementStatus noNotification readOnly`	`measurementStatus` Contains the status of the measurement. If this is set to PRELIMINARY, the measurement is available and stepped in this version of the Managed Element, but is not yet approved. If it is set to USED, the measurement is approved, available and stepped in this version of the Managed Element. If it is set to OBSOLETE, the measurement is not available and not stepped in this version of the Managed Element. If it is set to DEPRECATED, the measurement is available but is not stepped in this version of the Managed Element.
`string key mandatory noNotification restricted`	`measurementTypeId` Holds the name used when identifying the MO.
`int16 noNotification readOnly`	`multiplicity` Where a counter is an array of values, this attribute represents the size of the array. Where it produces a single value, this attribute is set to 1.
`boolean noNotification readOnly`	`resetAtGranPeriod` Specifies whether the value is initialized at the beginning of each granularity period. No value means that this MeasurementType is not initialized at the beginning of each granularity period.
`uint16 noNotification readOnly`	`size` Contains the size of the measurement in number of octets.
`ThresholdDirection[0..1] noNotification readOnly`	`thresholdDirection` The threshold direction of a Measurement Type value which raises the Threshold Alarm severity. The attribute is set if this MeasurementType shall only be monitored in one direction in a PM Threshold Job. If it can be monitored in either direction, then the direction will be set as part of the threshold job creation by setting thresholdDirection in MeasurementReader. Only applicable if fmAlarmType is set.

class MeasurementType

class MySQLInfo

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-MySQLInfo

+-SQLNodeInfo [2..2]

The information for connecting to MySQL NDB, for both Management Node and SQL Node.

Attributes
`string key mandatory noNotification restricted`	`mySQLInfoId` The value component of the RDN.
`IpDomainWithPort[2..2] nonUnique`	`ndbConnectString = SC-1:1186,SC-2:1186` The hostname and port to connect to MySQL Management Node.

class MySQLInfo

class NACFService

ManagedElement

+-IpworksFunction

+-IPWorksDHCPRoot

+-NACFService

Configuration for NACF

Attributes
`uint32`	`clfHeartBeatInterval = 5 { 0..86400 }` Specifies the interval at which NACF sends heart beat messages to CLF. The unit is second. And default value is 5. Takes effect: After next restart
`boolean`	`clfInterfaceEnable = false` Specifies the real time parameter thatestablishes or terminates NACF CLF interface in run-time. The default value is false. false : Specifies that the interface is disabled true : Specifies that the interface is enabled. Takes effect: After next restart
`uint32`	`clfMaxReleaseCtxBuf = 0 { 0..2000000 }` Specifies the maximum buffer size (in KB) to store Release IP Context and New IP Access Context messages when CLF is down, and resend the messages to CLF when it is up. Each Release message has average size of 50 Bytes, and new IP Access Context message has around 70 bytes. The default value is 0, that is, buffering is disabled. For example, NACF is running in a machine with 2 GB memory, and operatorneeds 500 MB for buffering failed messages, this attribute is set to a value of 500000. This will result in (500000/(50 + 75)) = 4,000 messages (New IP Access Context and Release Access Context) to be buffered on NACF. All these messages will be retransmitted to CLF once the connection to it is reestablished. Takes effect: After next restart
`uint8`	`clfMaxRetry = 3 { 0..20 }` Specifies the maximum attempt for NACF sending heart beat and other messages to CLF in the event of failure. The default value is 3. If NACF does not get CLF response for a heart beat message, it will retransmit the same towards CLF. The retransmission interval is internally calculated as (CLF Heart beat Interval / CLF Max Retry). For example, if Heart beat interval is set to 5 sec. and Max Retry is set to 3, then NACF will retransmit heart beat messages at an interval of 1 sec. Takes effect: After next restart
`uint8`	`clfOperateMode = 0 { 0..1 }` Specifies the operating communication mode between NACF and CLF. Zero (0) represents Asynchronous mode and one (1) represents Synchronous mode. The default value is zero (0). Takes effect: After next restart
`uint16`	`clfPort = 3097 { 1025..65535 }` Specifies the port at which NACF communicates over CLF. The default value is 3097. Takes effect: After next restart
`uint32`	`clfUpdateRetryInt = 5 { 0..86400 }` Specifies the retransmission interval for NACF sending update messages towards CLF in the event of failure. The default value is 5 sec. This includes all messages except heart beat message. Takes effect: After next restart
`Ipv4[0..1]`	`nacfIdentifierAddress` Specifies the address used as the NACF Identifier when NACF is connected to CLF. Deprecated: Takes effect: After next restart
`string key mandatory noNotification restricted`	`nacfServiceId` The value component of the RDN.

class NACFService

class NeLSConfiguration

..

+-SystemFunctions

+-Lm

+-NeLSConfiguration

Network License Server (NeLS) configuration parameters.

Attributes
`NeLSConnectionStatus[0..1] readOnly`	`connectionStatus` Represents status of the connection toward NeLS.
`IpDNSAddress[0..1]`	`host` IPv6, IPv4 or DNS name. The IP address or domain name of NeLS.
`string key mandatory noNotification restricted`	`neLSConfigurationId` The value component of the RDN. Key attribute of the NeLSConfiguration class.
`uint16[0..1]`	`port` The port number that is used to connect to NeLS.
`uint32[0..1]`	`retryInterval = 30` The number of seconds between reconnection attempts. First reconnection attempt occurs randomly between 3 to 5 minutes. Subsequent attempts occur with the delay specified by retryInterval.

class NeLSConfiguration

class NetconfSsh

..

+-SystemFunctions

+-SysM

+-NetconfSsh

Represents the Netconf configuration management service over Secure Shell.

This MO is created by the system.

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state for the Netconf target. When LOCKED all on-going netconf connections will immediately be terminated. NOTE: Setting the administrativState to LOCKED for all Netconf and CLI interfaces disables O&M access to the ME. Refer to product specific troubleshooting instructions to resolve such a scenario.
`string key mandatory noNotification restricted`	`netconfSshId` The value component of the RDN.

class NetconfSsh

class NetconfTls

..

+-SystemFunctions

+-SysM

+-NetconfTls

Represents the Netconf configuration management service over Transport Layer Security (TLS).

This MO is created by the system.

References to:: ManagedObject;

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state for the Netconf target. When LOCKED all on-going netconf connections will immediately be terminated. NOTE: Setting the administrativState to LOCKED for all Netconf and CLI interfaces disables O&M access to the ME. Refer to product specific troubleshooting instructions to resolve such a scenario.
`string key mandatory noNotification restricted`	`netconfTlsId` The value component of the RDN.
`ManagedObject[0..1]`	`nodeCredential` The credential used for the NETCONF service. Specifies the DN of a NodeCredential MO in Certificate Management.
`ManagedObject[0..1]`	`trustCategory` The set of certificates trusted by the NETCONF service. Specifies the DN of a TrustCategory MO in Certificate Management.

class NetconfTls

class NodeCredential

..

+-SystemFunctions

+-SecM

+-CertM

+-NodeCredential

Represents the node credential and contains information about the corresponding certificate.

References to:: EnrollmentAuthority; EnrollmentServerGroup; ManagedObject;

Actions
`boolean`	`cancelEnrollment ( );` Cancels the enrollment process. If the enrollment runs in online polling mode, this action stops polling the enrollment server. The enrollment rejects to confirm the PKI response from the enrollment server and releases the generated key-pair. The enrollment fails.
`boolean`	`installCredentialFromUri ( string uri , EcimPasswordString uriPassword , EcimPasswordString credentialPassword , Fingerprint fingerprint );` Installs a node credential or certificate from the specified Uniform Resource Identifier (URI). If the container file is in PKCS#12 format, the action implicitly starts an offline enrollment. If the file is a certificate in Privacy Enhanced Mail (PEM) or Distinguished Encoding Rules (DER) format, this action closes the ongoing offline enrollment process started by the startOfflineCsrEnrollment action. The action can be invoked if the enrollmentSupport attribute of the CertMCapabilites MO indicates that offline enrollment is supported. For a container file in PKCS#12 format, the action can be invoked if there is no other action in progress on this MO. For a certificate file in PEM or DER format, the action can be invoked if there is a startOfflineCsrEnrollment action in progress on this MO. The action returns immediately after invocation. The progress of the action can be tracked via the enrollmentProgress attribute. The action returns with TRUE after successful invocation, otherwise it returns with FALSE. The generic URI syntax is defined by RFC 3986. Example: sftp://myuser@myhostname.ericsson.local/dir/subdir/file Example: http://myhostname.ericsson.local/dir/subdir/certificate Parameters Name: uri Description: This parameter contains a URI assumed to point to the certificate or credential container file. The generic Uniform Resource Identifier (URI) syntax is defined by RFC 3986. Example: sftp://myuser@myhostname.ericsson.local/dir/subdir/file Example: http://myhostname.ericsson.local/dir/subdir/certificate The URI must not contain any password. The password shall be provided in the second parameter of this action. The URI may be local relative (e.g. data/dir/subdir/file), or local absolute (e.g. file:///data/dir/subdir/file), or remote (e.g. sftp://user@hostname/dir/subdir/file) or remote relative (e.g. sftp://user@hostname/~/cert.pem). If the URI is local relative, the file is expected to be under directory path indicated by the localFileStorePath attribute in the CertM MO. Name: uriPassword Description: The password part of the Uniform Resource Identifier (URI). If a password is not required, the 'NULL' string has to be provided. Name: credentialPassword Description: The password for decrypting the PKCS#12 container file. If the action is called to install a certificate in Privacy Enhanced Mail (PEM) or Distinguished Encoding Rules (DER) format to finish a running enrollment process, the value of password has to be 'NULL'. Name: fingerprint Description: The Secure Hash Algorithm (SHA) fingerprint of the certificate to be installed. The fingerprint is checked against the fingerprint calculated on the installed file. If the verification of the fingerprint is not required, the 'NULL' string must be provided. The hash must be calculated by the SHA algorithm indicated in fingerprintSupport of the CertMCapabilities MO.
`boolean`	`startOfflineCsrEnrollment ( string uri , EcimPasswordString uriPassword );` Starts a manual enrollment procedure. Creates a PKCS#10 Certificate Signing Request (CSR) that is stored at the specified local Uniform Resource Identifier URI. A file transfer service can be used to fetch the CSR file from the ME. The action can be invoked if the enrollmentSupport attribute of the CertMCapabilites MO indicates that offline CSR-based enrollment is supported. The action uses attributes subjectName and keyInfo attributes as inputs. If no other action is in progress on this MO, the action can be invoked and it returns immediately after invocation. The action progress can be tracked via the enrollmentProgress attribute. The action returns with TRUE after successful invocation, otherwise it returns with FALSE. Parameters Name: uri Description: This parameter contains a URI assumed to point to the certificate or credential container file. The generic Uniform Resource Identifier (URI) syntax is defined by RFC 3986. Example: sftp://myuser@myhostname.ericsson.local/dir/subdir/file The URI must not contain any password. The password shall be provided in the second parameter of this action. The URI may be local relative e.g. dir/subdir/csr.p10, or local absolute e.g. file:///data/dir/subdir/csr.p10, or remote e.g. sftp://user@hostname/dir/subdir/csr.p10). If the URI is local relative, the file will be stored under the path indicated by the localFileStorePath attribute in the CertM MO. Name: uriPassword Description: The password section of the Uniform Resource Identifier (URI). If a password is not required, the 'NULL' string must be provided.
`boolean`	`startOnlineEnrollment ( EcimPasswordString challengePassword );` Starts the online enrollment process. For initial enrollment a challengePassword must be provided. The action can be invoked if the enrollmentSupport attribute of the CertMCapabilites MO indicates that online enrollment is supported. As inputs, the action uses subjectName, keyInfo, enrollmentServerGroup and enrollmentAuthority attributes. If no other action is in progress on this MO, the action can be invoked and it returns immediately after invocation. Action progress can be tracked via the enrollmentProgress attribute. The action returns with TRUE after successful invocation, otherwise it returns with FALSE. Parameters Name: challengePassword Description: The one-time challenge password used as a shared-secret between the ME and the enrollment CA.

Attributes
`CertificateContent[0..1] readOnly`	`certificateContent` The X.509 content of the certificate.
`CertificateState[0..1] readOnly`	`certificateState` The current state of the certificate.
`EnrollmentAuthority[0..1]`	`enrollmentAuthority` The DN of the EnrollmentAuthority used for online enrollments.
`AsyncActionProgress[0..1] readOnly`	`enrollmentProgress` Reports the progress of the ongoing enrollment.
`EnrollmentServerGroup[0..1]`	`enrollmentServerGroup` The DN of the EnrollmentServerGroup used for online enrollments.
`uint16[0..1]`	`enrollmentTimer = 60` The enrollment poll timer in minutes. If the time indicated by this timer elapses before the enrollment is finished, the enrollment fails. Used only for online enrollment.
`ExpiryAlarmThresholdRange`	`expiryAlarmThreshold = 30` Threshold value to calculate the date of the alarm indicating the coming expiry of the certificate. The alarm severity is raised to MINOR in case the remaining time to expiry is reduced to the one third of the configured threshold. The alarm severity is raised to MAJOR in case the remaining time to expiry is reduced to the one tenth of the configured threshold or one week. The alarm is cleared and a certificate not available alarm is raised when the certificate expires.
`KeyInfo[0..1]`	`keyInfo` Specifies the key type and length that is used for the next enrollment.
`string key mandatory noNotification restricted`	`nodeCredentialId` The value component of the RDN.
`RenewalMode[0..1]`	`renewalMode = MANUAL` The certificate renewal mode for online enrollment. Renewals use subjectName, keyInfo and enrollmentServerGroup attributes as inputs. If configured to AUTOMATIC, manually initiated offline and online renewals fail. If an automatic enrollment failed alarm is present on the MO, setting this attribute to MANUAL clears the alarm.
`ManagedObject[0..] nonUnique noNotification readOnly`	`reservedByUser` Indicates the users of this NodeCredential MO. The users are identified by Distinguished Names of Credential User Managed Objects.
`string[0..1] noNotification restricted`	`subjectName` The X.501 DN to be used in the subject field of the requested certificate. For instance: "C=SE,O=Ericsson,CN=someserialnumber.ericsson.com"
`string[0..1]`	`userLabel` An additional descriptive text.

class NodeCredential

class Ntp

..

+-SystemFunctions

+-SysM

+-TimeM

+-Ntp

+-NtpServer [0..]

The NTP top class.

Attributes
`string key mandatory noNotification restricted`	`ntpId` The key attribute.

class Ntp

class NtpServer

..

+-SystemFunctions

+-SysM

+-NtpServer

A persistent NTP client mode network association with a specified remote server or local reference clock address.

Attributes
`BasicAdmState mandatory`	`administrativeState` Locks or unlocks the operation of the NTP client function. This is a convenience function to permit some or all NtpServer instances to be temporarily locked without having to delete the object.
`string key mandatory noNotification restricted`	`ntpServerId` The value component of the RDN.
`IpDNSAddress mandatory`	`serverAddress` The address of the NTP server with which a persistent client server mode association will be made. The serverAddress represents either a V4 or a V6 IP address or a DNS domain name.
`string[0..1]`	`userLabel` An additional descriptive text.

class NtpServer

..

+-SystemFunctions

+-SysM

+-TimeM

+-Ntp

+-NtpServer

The NTP server configuration data.

This MOC presents a persistent NTP client mode network association with a specified remote server or local reference clock address.

Attributes
`AdmState mandatory`	`administrativeState` Locks or unlocks the operation of the NTP client function. This is a convenience function to permit some or all NtpServer instances to be temporarily locked without the need to delete the object
`string key mandatory noNotification restricted`	`ntpServerId` The value component of the RDN.
`IpDNSAddress mandatory`	`serverAddress` The address of the NTP server with which a persistent client server mode association is made. The serverAddress represents either a V4 or a V6 IP address, or a DNS domain name.
`string[0..1]`	`userLabel` An additional descriptive text.

class NtpServer

class OCSPMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-AAAPKIService

+-OCSPMgr

+-OCSPServer [0..]

OCSP server mangement

Attributes
`boolean`	`enableOcspCheck = false` Enable or disable OCSP check for Non-SIM WLAN access: false: disable (default) true: enable Takes effect: After next restart
`string key mandatory noNotification restricted`	`ocspManagerId` The value component of the RDN.
`boolean`	`softFail = true` The value of the soft fail strategy for AAA. The value of softFail is configured to either true or false. true: OCSP check passes if no related CA server is configured or IPWorks AAA is unable to check certificate. false: OCSP check fails if no related CA server is configured or IPWorks is unable to check certificate. Takes effect: After next restart

class OCSPMgr

class OCSPServer

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-AAAPKIService

+-OCSPMgr

+-OCSPServer

OCSP server

Attributes
`string mandatory`	`name` OCSP server name Takes effect: After next restart
`string key mandatory noNotification restricted`	`ocspServerId` The value component of the RDN.
`string[1..] nonUnique mandatory`	`responderUrl` OCSP server URL Takes effect: After next restart
`boolean`	`useNonce = true` Determine whether to apply the use nonce strategy for OCSP. true: The nonce is used for each OCSP request/response. no: The nonce is not used for each OCSP request/response. Takes effect: After next restart

class OCSPServer

class OtpdiaRoot

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterStack

+-OtpdiaRoot

Otpdia root class

Attributes
`string key mandatory noNotification restricted`	`otpdiaRootId` The value component of the RDN.

class OtpdiaRoot

class PasswordPolicy

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-PasswordPolicy

Configures properties of password policy.

References from:: UserAccount;
References to:: ManagedObject; PasswordQuality;

Attributes
`int16[0..1]`	`expireWarning = 7 { 1..24855 }` Password expiry warning in days. Specifies the number of days before the expiry date when the ME starts to notify the user at authentication to change password due to approaching expiry date. No value means expiry warnings are never sent. Unit: 1 days
`int32[0..1]`	`failureCountInterval = 1800 { 1..2147483647 }` The time interval within which consecutive failed login attempts count in seconds. Specifies the time interval it takes to obsolete records in passwordFailureTimes used for attribute maxFailure. No value means the failure counter is reset only on successful authentication. Unit: 1 seconds
`int32[0..1]`	`historyLength = 12 { 1..2147483647 }` Specifies the number of passwords remembered by the ME to avoid the reuse of old passwords. No value means old passwords are not recorded.
`int32[0..1]`	`lockoutDuration { 1.. }` Account lockout duration in seconds due to password failures. Specifies the time in seconds after a locked account is unlocked automatically. An administrative lock placed on the user account by configuring administrativeState is not managed by this attribute. No value means that only the administrator can unlock an account manually by invoking unlockOperationalLock action on the UserAccount MO. Unit: 1 seconds
`int16[0..1]`	`maxAge = 90 { 1..24855 }` Password maximum age in days. Specifies the number of days after a password is considered expired. No value means passwords never expire. Unit: 1 days
`int32[0..1]`	`maxFailure = 3 { 1..32 }` Maximum failed login attempts to lock an account. Specifies the number of consecutive failed login attempts which locks the account automatically, as counted in passwordFailureTimes of the respective UserAccount Managed Objects. No value means that an unlimited number of failed attempts is allowed.
`int32[0..1]`	`minAge = 15 { 1..24855 }` Password minimum age in days. Specifies the minimum number of days that need to pass before a password can be changed. No value means there is no control on the minimum age of passwords. Unit: 1 days
`int32`	`minLength = 10 { 6..255 }` Minimum length of passwords. Specifies the minimum character lengths of passwords that the ME can accept.
`string key mandatory noNotification restricted`	`passwordPolicyId` The value component of the RDN.
`PasswordQuality mandatory`	`passwordQuality` The password quality parameters used. Refers to the DN of a PasswordQuality MO.
`ManagedObject[0..] noNotification readOnly`	`reservedByAccount` The accounts using this policy. Lists the Distinguished Names of UserAccount Managed Objects.
`string[0..1]`	`userLabel` An additional descriptive text.

class PasswordPolicy

class PasswordQuality

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-PasswordQuality

Configures the dimensions of password quality checking.

References from:: AdministratorAccount; PasswordPolicy;
References to:: ManagedObject;

Attributes
`int16[0..1]`	`minDigit { 1..32767 }` Minimum number of digits in passwords. Minimum number of digits a new password must have to be accepted by the ME. No value means the check is disabled.
`int16[0..1]`	`minLower { 1..32767 }` Minimum number of lower case characters in passwords. Minimum number of lower case characters a new password must have to be accepted by the ME. No value means the check is disabled.
`int16[0..1]`	`minOther { 1..32767 }` Minimum number of non-alphanumeric characters in passwords. Minimum number of non-alphanumeric characters a new password must have to be accepted by the ME. No value means the check is disabled.
`int16`	`minPoints = 3 { 1..4 }` Minimum password quality points. Minimum number of quality points a new password must have to be accepted by the ME. One quality point is awarded for each character class used in the password. Possible character classes are digits, uppercase, lowercase, and other characters.
`int16[0..1]`	`minUpper { 1..32767 }` Minimum number of upper case characters in passwords. Minimum number of upper case characters a new password must have to be accepted by the ME. No value means the check is disabled.
`string key mandatory noNotification restricted`	`passwordQualityId` The value component of the RDN.
`ManagedObject[0..] readOnly`	`reservedBy` The managed objects using this PasswordQuality MO. Lists the Distinguished Names of PasswordPolicy Managed Objects or the AdministratorAccount.
`string[0..1]`	`userLabel` An additional descriptive text.

class PasswordQuality

class Phase2Policy

..

+-Transport

+-Host

+-IpsecTunnel

+-Phase2Policy

Holds configuration information for Ipsec policies.

References to:: IpsecProposalProfile;

Attributes
`IpsecProposalProfile mandatory restricted`	`ipsecProposalProfile` ReferenceÂ toÂ anÂ IpsecÂ transformÂ profile.
`string key mandatory noNotification restricted`	`phase2PolicyId` ValueÂ componentÂ ofÂ theÂ RDN.
`Ikev1TrafficSelector mandatory restricted`	`trafficSelector` Traffic selector to be used for SA negotiation.
`string[0..1] restricted`	`userLabel` Label for free use.

class Phase2Policy

class Pm

..

+-SystemFunctions

+-Pm

+-PmGroup [0..]

+-PmJob [0..]

+-PmMeasurementCapabilities [1..1]

The top class of the Performance Management model.
It is used to manage the Performance Management jobs and PM measurements.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`pmId` Holds the name used when identifying the MO.

class Pm

class PmGroup

..

+-SystemFunctions

+-Pm

+-PmGroup

+-MeasurementType [1..]

A grouping of the measurements into logical grouping.
PmGroup is unique in the ME.

This MO is created by the system.

Attributes
`string[0..1] noNotification readOnly`	`category` Deprecated, Comma-separated sequence of key words. Used for categorization and searching for data among reports. e.g. KPI, Feature xx, etc. Deprecated in ECIM PM 2.2. Deprecated: There is no practical use for this attribute in the model. It will not be visible in PM report files.
`boolean[0..1] noNotification readOnly`	`consistentData` Deprecated, Defines whether or not this group of data is guaranteed to be consistent. Counter Data Consistency In some MEs there are both detailed counters, e.g. #failedConnections and #succeededConnections, as well as more high-level summary counters. e.g. #totalConnections. A counter group is guaranteed to be consistent if it does not contain a summary counter whose value can be calculated based on other counters in that group, or if it does so but this calculation will always show the same value as the summary counter. Deprecated in ECIM PM 2.2. Deprecated: There is no practical need for this attribute in the model.
`string[0..1] noNotification readOnly`	`description` Description of the PmGroup.
`string[0..1] noNotification readOnly`	`generation` Determines if group concerns GSM, UMTS, EPS, combined (GSM+UMTS+EPS) or IMS measurements. Values are defined in 3GPP standard 32:404.
`ManagedObjectClass[0..1] noNotification readOnly`	`moClass` The Managed Object Class that uses the Measurement Types in this PmGroup. No value means this PM Group is not associated with any specific Managed Object Class.
`string key mandatory noNotification restricted`	`pmGroupId` Holds the name used when identifying the MO.
`string noNotification readOnly`	`pmGroupVersion` PM Group version identifier. Unique version identifier associated with a change to the contents of the PM Group, where new MeasurementTypes have been added.
`string[0..1] noNotification readOnly`	`switchingTechnology` The Switching domain or domains to which this measurement is applicable. Values are defined in 3GPP standard 32.404.
`boolean[0..1] noNotification readOnly`	`validity` States if the group is valid. A group might not be valid if, for example, the feature that this group is used for is not available to the customer.

class PmGroup

class PmJob

..

+-SystemFunctions

+-Pm

+-PmJob

+-MeasurementReader [1..]

Describes a user-defined PM job on the Managed Element.
A PM Job defines the attributes required per job and also defines the measurements to be included in the job. An instance of the MeasurementReader class is created for every PmGroup or MeasurementType instance being measured.

Attributes
`CompressionTypes[0..1]`	`compressionType` Indicates file compression type to be applied to the report file. If no value is set, then no compression is to be applied to the report file for this job. Must have the same value for all PM jobs with the same jobGroup tag and reportingPeriod assigned. Must have the same value for all PM jobs for which no jobGroup tag is assigned (the "default" jobGroup), but the same reportingPeriod assigned. Only applicable when jobType = MEASUREMENTJOB.
`JobState readOnly`	`currentJobState` Describes the current state of the PM job.
`TimePeriod[0..1]`	`granularityPeriod = FIFTEEN_MIN` Contains the granularity period of the job. The granularity period is the time between the initiation of two successive gatherings of measurement data. This is directly related to the ReportingPeriod as the granularity period can not be longer than the reporting period. Possible Values (s=second,m=minute, h=hour): 10s,30s,1m, 5m, 15m, 30m, 1h, 12h, 24h. Default Value: 15m.
`JobControl[0..1] readOnly`	`jobControl = FULL` Describes the level of MS control of the PM job. If no value is set, the MS shall treat it as FULL.
`string[0..1]`	`jobGroup` Tag for grouping PM measurement job results. Represents a grouping of separate PM Jobs for which the measurement results must be collected together in a single report file for that group only. If this attribute is not set, then for each reporting period, the measurement results for this job are written to the same report file as other jobs that have no job group assigned. Only applicable when jobType = MEASUREMENTJOB.
`JobPriority[0..1]`	`jobPriority = MEDIUM` Contains the priority of the job. Each job must have a priority if jobPrioritizationSupport in the PmMeasurementCapabilities is set to true.
`JobType[0..1]`	`jobType = MEASUREMENTJOB` Contains the type of PM job.
`string key mandatory noNotification restricted`	`pmJobId` Holds the name used when identifying the MO.
`ReportContentGeneration[0..1]`	`reportContentGeneration = CHANGED_ONLY` Describes the measurement result file content generated by PM service.
`TimePeriod[0..1]`	`reportingPeriod = FIFTEEN_MIN` Contains the reporting period of the result file. This is directly related to the granularity period as the granularity period can not be longer than the reporting period. Possible Values (s=second,m=minute, h=hour): 10s,30s,1m, 5m, 15m, 30m, 1h, 12h, 24h. Default Value: 15m. The value of reportingPeriod must be equal to the value of granularityPeriod if fileRPSupported in PmMeasurementCapabilities is false, or may be equal to a multiple of the value of granularityPeriod if fileRPSupported is set to true. Only applicable when jobType = MEASUREMENTJOB.
`JobState[0..1]`	`requestedJobState = ACTIVE` Contains the requested state of the PM job. It represents the state that the job has been ordered to reach.

class PmJob

class PmMeasurementCapabilities

..

+-SystemFunctions

+-Pm

+-PmMeasurementCapabilities

Contains the measurement capabilities of the ME.

This MO is created by the system.

References to:: ManagedObject;

Attributes
`boolean[0..1] readOnly`	`alignedReportingPeriod` Defines whether or not the Managed Element aligns its reporting periods to the hour. Only applicable when measurementJobSupport = true. If no value is set, the MS shall treat it as true.
`ManagedObject[0..1] readOnly`	`fileGroup` Deprecated, contains the file storage path to the measurement files on the ME. This attribute is only set if FileM is present, and refers to the file storage path. If this attribute is not set, the file storage path is stored locally in the fileLocation attribute in PmMeasurementCapabilities. Deprecated in ECIM PM 2.0. Deprecated: References to attributes in FileM must be removed from Common Fragments. fileLocation attribute contains all required information. Deprecated in ECIM PM 2.0.
`string[0..1] readOnly`	`fileLocation` Contains the path to the virtual file system on the node from which to fetch the measurement files. Only applicable when measurementJobSupport = true.
`boolean[0..1] readOnly`	`fileRPSupported` Specifies if ME supports a file Reporting Period different to Granularity Period where RP > GP. Only applicable when measurementJobSupport = true. If no value is set, the MS shall treat it as false.
`boolean[0..1] readOnly`	`finalROP` Indicates if measurement file for the last Result Output Period (ROP) is expected. When a measurement job is stopped, this attribute specifies whether a result file for the last ROP is expected (true), or not expected (false). Only applicable when measurementJobSupport = true.
`boolean[0..1] readOnly`	`jobGroupingSupport` Indicates if Managed Element supports grouping of selected measurement job results in a report file. If set to true, the ME groups selected measurement job results into one file per reporting period based on the PmJob attribute jobGroup. If set to false, the default behaviour is to generate a single PM report file per reporting period for all jobs. Only applicable when measurementJobSupport = true. If no value is set, the MS shall treat it as false.
`boolean[0..1] readOnly`	`jobPrioritizationSupport` Defines whether or not measurement jobs can be stopped by the system. Based on the priority of the Measurement jobs, they can either be stopped (true) or not (false) by the system. Attribute jobPriority in the job sets the priority per job. Only applicable when measurementJobSupport = true. If no value is set, the MS shall treat it as false.
`JobStartStopSupport readOnly`	`jobStartStopSupport` Specifies whether or not Performance Management jobs defined in the ME can be started and stopped. Possible values: NONE: a job is started when it is created and runs until it is deleted. BASIC: simple start/stop supported.
`uint16 readOnly`	`maxNoOfJobs` Specifies the maximum number of jobs that can be defined. A value of 0 means there is no limit to the number of jobs. If the specified limit is exceeded, when a performance monitoring is created or started, the create job or start job operation is rejected. This is an upper system limit, and support for it cannot be guaranteed in high-load conditions.
`uint32[0..1] readOnly`	`maxNoOfMeasurements` The maximum number of counter instances, i.e. active counters, that can be reported in one ROP. This is used by an MS to determine the max PM data file size. This is an upper-system limit, and support for it cannot be guaranteed in high-load conditions. A value of 0 means there is no limit. Only applicable when measurementJobSupport = true.
`uint16[0..1] readOnly`	`maxNoOfPmFiles` Specifies the maximum number of Result Output Period (ROP) files that are maintained in the ME. If a new file is created and the limit is exceeded, the oldest file is deleted. This is an upper-system limit, and support for it cannot be guaranteed in high-load conditions. Only applicable when measurementJobSupport = true.
`boolean readOnly`	`measurementJobSupport` Indicates if Managed Element supports Measurement Jobs.
`string key mandatory noNotification restricted`	`pmMeasurementCapabilitiesId` Holds the name used when identifying the MO.
`boolean[0..1] readOnly`	`producesUtcRopFiles` Deprecated, Indicates if the PM report files are produced using UTC format. If the timestamp is expressed in UTC time with no offset, then the value is true. If the timestamp is expressed in local time with UTC offset, then the value is false. Only applicable when measurementJobSupport = true. Deprecated in ECIM PM 2.5. Deprecated: Attribute definition was ambiguous. It is replaced by new attribute ropFilenameTimestamp. Deprecated in ECIM PM 2.5.
`boolean readOnly`	`realTimeJobSupport` Indicates if the Managed Element supports Realtime Jobs.
`RopFilenameTimestamp[0..1] readOnly`	`ropFilenameTimestamp` Indicates how the timestamp format is used in the Result Output Period (ROP) filename. Only applicable when measurementJobSupport = true. If no value is set, the MS shall treat it as LOCAL_WITH_UTC_OFFSET.
`CompressionTypes[0..2] nonUnique readOnly`	`supportedCompressionTypes` Indicates which compression types are supported by the ME for report files. No value means that compression of report files is not supported. Only applicable when measurementJobSupport = true.
`TimePeriod[0..9] nonUnique readOnly`	`supportedMeasJobGps` Indicates which granularity periods are supported by the ME for Measurement jobs. Only applicable when measurementJobSupport = true. If no value is set, the MS shall treat it as a single value of FIFTEEN_MIN.
`TimePeriod[0..9] nonUnique readOnly`	`supportedRopPeriods` Indicates the Result Output Period (ROP) or ROPs supported by the ME. Only applicable when measurementJobSupport = true. If no value is set, the MS shall treat it as a single value of FIFTEEN_MIN.
`TimePeriod[0..9] nonUnique readOnly`	`supportedRtJobGps` Indicates which granularity periods are supported by the ME for Realtime jobs. Only applicable when realTimeJobSupport = true. If no value is set, the MS shall treat it as a single value of ONE_MIN.
`TimePeriod[0..9] nonUnique readOnly`	`supportedThreshJobGps` Indicates which granularity periods are supported by the ME for Threshold jobs. Only applicable when thresholdJobSupport = true. If no value is set, the MS shall treat it as a single value of FIFTEEN_MIN.
`boolean readOnly`	`thresholdJobSupport` Indicates if the Managed Element supports Threshold Jobs.

class PmMeasurementCapabilities

class PmThresholdMonitoring

..

+-SystemFunctions

+-Pm

+-PmJob

+-MeasurementReader

+-PmThresholdMonitoring

Contains configuration of each threshold for Threshold jobs.
To be able to monitor the overall health of the network, thresholds are used for generating Performance Alarms.
Performance alarms cannot be cleared manually. Performance alarms must be cleared when the threshold is (a) crossed, or (b) reached, in the opposite direction to the one that triggers the alarm.

Attributes
`string key mandatory noNotification restricted`	`pmThresholdMonitoringId` Holds the name used when identifying the MO.
`int64 mandatory`	`thresholdHigh` Defines the high-threshold level for this alarm severity. For each pair of high-threshold and low-threshold levels, one of them must generate an alarm notification - or increase the severity of an existing alarm. The other one must generate an alarm clear notification, or decrease the severity of an existing alarm. If the direction of the threshold is increasing, a new alarm (or severity increase of an existing alarm) is not generated before the measurement value has (a) crossed or (b) reached the high-level threshold value. Furthermore, an existing alarm is not cleared (or its severity decreased) before the measurement value has reached or crossed the low-level threshold value. For decreasing thresholds, the opposite is applied. The hysteresis mechanism can be used for both Gauges and Cumulative Counters thresholds.
`int64 mandatory`	`thresholdLow` Defines the low-threshold level for this alarm severity. For each pair of high-threshold and low-threshold levels, one of them must generate an alarm notification, or increase the severity of an existing alarm. The other one must generate an alarm clear notification, or decrease the severity of an existing alarm. If the direction of the threshold is increasing, a new alarm (or severity increase of an existing alarm) is not generated before the measurement value has (a) crossed or (b) reached the high-level threshold value. Furthermore, an existing alarm is not cleared (or its severity decreased) before the measurement value has reached or crossed the low-level threshold value. For decreasing thresholds, the opposite is applied. The hysteresis mechanism can be used for both Gauges and Cumulative Counters thresholds.
`SeverityLevel[0..1]`	`thresholdSeverity = MINOR` Threshold severity. One of the following Severity Levels must be assigned per threshold, in order to raise a threshold alarm of this severity, or change an existing alarm to this severity, if that threshold is reached or crossed: CRITICAL MAJOR MINOR WARNING Severity level CLEARED is not a valid severity level and cannot be assigned to this attribute.

class PmThresholdMonitoring

class ProxyControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-ProxyControl

This Managed Object Class is for proxy service configuration.

Attributes
`boolean`	`appendProxyState = true` Specifies the flag which decides whether we choose to append the Proxy-State to radius message or strip all Proxy-State. false: Strip all the Proxy-State true: Append the Proxy-State Takes effect: After next restart
`string`	`getRealmFrom = User-Name` Specifies the Name of AVP. AAA server gets realm information from either one of or any combination of the following: User-Name Called-Station-Id NAS-Identifier AVP For example, If user sets the parameter to User-Name, it means AAA server will get realm information from User-Name. If user sets the parameter to User-Name \|\| Called-Station-Id \|\| NAS-Identifier AVP, it means AAA server will get realm information from one of the three, and the priority is in a descending order from User-Name to Called-Station-Id to NAS-Identifier AVP. Takes effect: After next restart Valid values: ^User-Name\|Called-Station-Id\|NAS-Identifier AVP$
`string`	`nasIdentifier = IPWorks-AAA` Specifies the identifier of the proxy server which will be fetched by SNMP. Takes effect: After next restart
`string mandatory`	`nasIpAddressReplacement` Replace NAS-IP-Address if it is configured with the replacement. Takes effect: After next restart
`string key mandatory noNotification restricted`	`proxyControlId` The value component of the RDN.
`ProxyServerType`	`proxyServerType = BOTH_HOME_AND_PROXY_SERVER` Specifies the type of AAA server to be configured : STANDALONE_HOME_SERVER STANDALONE_PROXY_SERVER BOTH_HOME_AND_PROXY_SERVER Takes effect: After next restart
`boolean`	`realmSaveProxyAcct = false` Specifies whether save proxy accounting message. Takes effect: After next restart
`UnmatchBehavior`	`realmUnmatchedBehavior = PROCESS_REQUEST_LOCALLY` Specifies the flag which decides how to handle the request If the realm of incoming request is not configured: PROCESS_REQUEST_LOCALLY REJECT_REQUEST Takes effect: After next restart
`uint8`	`retryCount = 3` Specifies the number of retries for which the proxy server sends proxy messages to one destination. The default value is 3. Takes effect: After next restart
`uint8`	`retryTimeout = 1` Specifies the time period for which the proxy server will wait before resending proxy messages to the destination. Takes effect: After next restart

class ProxyControl

class ProxyTargetSharedSecret

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusStack

+-SharedSecretMgr

+-ProxyTargetSharedSecretMgr

+-ProxyTargetSharedSecret

This Managed Object Class is for the configuration of Porxy Target Shared Secret.

Attributes
`Ipv4Ipv6 mandatory`	`proxyTargetIPAddr` Remote target IP address. The value can be either IPv4 address or IPv6 address. Takes effect: Immediately
`string key mandatory noNotification restricted`	`sharedSecretId` The value component of the RDN.
`string mandatory`	`sharedSecretValue` Shared Secret value related to the proxy target IP address. Takes effect: Immediately
`SharedSecretType`	`type = ALL` Specifies type of message to be sent to the proxy target. The default value is ALL. Takes effect: Immediately

class ProxyTargetSharedSecret

class ProxyTargetSharedSecretMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusStack

+-SharedSecretMgr

+-ProxyTargetSharedSecretMgr

+-ProxyTargetSharedSecret [0..]

This Managed Object Class is for the Management of Proxy Target Shared Secret.

Attributes
`string key mandatory noNotification restricted`	`proxyTargetSharedSecretMgrId` The value component of the RDN.

class ProxyTargetSharedSecretMgr

class RadiusAAAFEService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-RadiusAAAFEService

This Managed Object Class is about Radius AAA CUDB Configuration Parameters.

Attributes
`boolean`	`fEServiceEnable = false` Enable or disable radius FE Service: false: disable true: enable Takes effect: After next restart
`string key mandatory noNotification restricted`	`radiusAAAFEServiceId` The value component of the RDN.

class RadiusAAAFEService

class RadiusAAAService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-AAASessionControl [1..1]

+-AccountingService [1..1]

+-AuthMethodControl [1..1]

+-DMCOAService [1..1]

+-IPAllocationService [1..1]

+-IWLANService [1..1]

+-ProxyControl [1..1]

+-RadiusAAAFEService [1..1]

+-TrustWIFIService [1..1]

This is Managed Object Class for Radius AAA service.

Attributes
`string key mandatory noNotification restricted`	`radiusAAAServiceId` The value component of the RDN.

class RadiusAAAService

class RadiusInterface

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusStack

+-RadiusInterface

This Managed Object Class is about Radius interfaces.

Attributes
`Ipv4Ipv6WithAny`	`acctAddress = any` Specifies the listen address for radius accounting. The listen address can be IPv4 address or IPv6 prefix,and eVIP IP is prefered for this IP address. If the IP address is set to IP "any", it’s AAA listen on all IPv4 interfaces by default. To allow the AAA listening on IPv6 interface, change the value of localhostBindIPType to 1. To allow the AAA to work on dual-stack mode (supporting both IPv4 and IPv6), change the value of localhostBindIPType to 2. Takes effect: After next restart
`Port`	`acctPort = 1813` Specifies the listen port for radius accounting. Takes effect: After next restart
`Ipv4Ipv6WithAny`	`authAuthzAddress = any` Specifies the listen addresses for radius authentication and authorization. The listen address can be IPv4 address or IPv6 prefix, and eVIP IP is prefered for this IP address. If the IP address is set to IP "any", it’s AAA listen on all IPv4 interfaces by default. To allow the AAA listen on IPv6 interface, change the value of localhostBindIPType to 1. To allow the AAA to work on dual-stack mode (supporting both IPv4 and IPv6), change the value of localhostBindIPType to 2. Takes effect: After next restart
`Port`	`authAuthzPort = 1812` Specifies the listen port for radius authentication and authorization. Takes effect: After next restart
`Port`	`dmCoaPort = 3799` Specifies the listen port for DM COA message. The default value is 3799. Takes effect: After next restart
`IPType`	`localhostBindIPType = IPV4` The default value is 0. When accessing and account IP is configured to "any", specifies which ip type should be binded. IPv4=0,IPv6=1,IPv4v6=2. Takes effect: After next restart
`Ipv4Ipv6WithAny`	`proxyAddress = any` Specifies the local address for AAA server to send proxy messages. The address could be IPv4 or IPv6 address, and eVIP is prefered for this IP address. If the IP address is set to IP "any", it’s AAA listen on all IPv4 interfaces by default. To allow the AAA listenon IPv6 interface, change the value of localhostBindIPType to 1. To allow the AAA to work on dual-stack mode (supporting both IPv4 and IPv6), change the value of localhostBindIPType to 2. Takes effect: After next restart
`IPType`	`proxyBindIPType = IPV4` When proxy IP address is configured to "any", specifies which ip type should be binded: IPV4 IPV6 IPV4V6 The default value is IPV4. Takes effect: After next restart
`uint8`	`proxyPortsNumEachPL = 5 { 1..255 }` Specifies the number of local ports for each PL AAA server to send proxy messages. The range is 1 to 255. The default value is 5. Takes effect: After next restart
`Port`	`proxyStartPort = 10000` Specifies the local start port for AAA server in first PL board to send proxy messages. The range is 1024 to 65535. Takes effect: After next restart
`string key mandatory noNotification restricted`	`radiusInterfaceId` The value component of the RDN.

class RadiusInterface

class RadiusSS7Stack

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-IWLANService

+-RadiusSS7Stack

This Managed Object Class is for WLAN SS7 stack configuration.

Attributes
`string`	`cpmAddress = ss7cafcpmaddress:6669` Specifies the CP management address of SS7 stack. The format is IP: port, separated by comma. The setting must be the same as that of CP Manager Address of the SS7 stack. In the SS7 signalling Manager, the value can be found at System Components > System Components. Takes effect: After next restart
`string`	`isdnNumber = 123456 [ 1..16 ]` Assigns the number of ISDN for IPWorks AAA Server. Takes effect: After next restart Valid values: [0-9]+
`ISDNNOA`	`isdnNumberNature = NOA_NATIONAL_SIGNIFICANT` Specifies the nature of ISDN. The default value is NOA_NATIONAL_SIGNIFICANT. Takes effect: After next restart
`uint8`	`nodeType = 1 { 0..1 }` Specifies AAA Node Type: 0: D' interface 1: Gr' interface (default) Takes effect: After next restart
`uint16`	`numberOfAAAProcess = 10` Specifies the number of AAA process. The default value is 10. Takes effect: After next restart
`uint8`	`numberOfBEInstance = 10 { 1..16 }` Specifies the number of BE instance. The default value is 10. Takes effect: After next restart
`uint32`	`originalSignalingPointCode = 100 { 0..16777215 }` Specifies the original SPC of SS7. The range is from 0 to 16777215. Takes effect: After next restart
`string key mandatory noNotification restricted`	`radiusSs7StackId` The value component of the RDN.
`Ipv4Ipv6`	`sgsnAddress = 127.0.0.1` Specifies the IP address of SGSN. Takes effect: After next restart
`boolean`	`useGT4CallingPartyAddress = false` If the value is true, IPWorks will encode GT into the calling party address and sets the routing indicator to route on GT. The default value is false. Takes effect: After next restart

class RadiusSS7Stack

class RadiusStack

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusStack

+-RadiusInterface [1..1]

+-RadiusStackControl [1..1]

+-SharedSecretMgr [1..1]

This Managed Object Class is about configuration for radius stack.

Attributes
`string key mandatory noNotification restricted`	`radiusStackId` The value component of the RDN.

class RadiusStack

class RadiusStackControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusStack

+-RadiusStackControl

This Managed Object Class is about Radius stack parameter optimization control.

Attributes
`uint8`	`cacheMsgExpireTime = 3 { 1..10 }` Specifies a period of time. When the traffic overload occurs, if the cached message in the buffer stays longer than the designated period of time, AAA Radius disposes these cached overloaded messages. The allowed value is between 1 and 10 sec. The value should be less than the expiration time configured at AAA client side. The default value is 3 seconds. Unit: 1 second Takes effect: After next restart
`boolean`	`daRspAttrNumCheck = true` The default value is true. If the value is false, IPWorks will not check the attribute of response message DM_ACK, DM_NAK, COA_ACK COA_NAK Takes effect: After next restart
`uint8`	`duplicateMsgMonitorInterval = 5 { 1..10 }` Specifies the interval for duplicate messages. Unit: 1 second Takes effect: After next restart
`uint8`	`overloadAlarmInterval = 30 { 1..30 }` Specifies the interval of raising overload alarm. When one AAA overload alarm is raised, the same alarm will not be raised during that period. The interval range is 1~30 minutes. The default value is 30. Unit: 1 minute Takes effect: After next restart
`string key mandatory noNotification restricted`	`radiusStackControlId` The value component of the RDN.

class RadiusStackControl

class Role

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthorizationMethod

+-Role

+-Rule [0..]

Authorization roles that may be assigned to users.

Roles have a containment relationship to the rules which define the access controls to objects.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`roleId` The value component of the RDN.
`string[0..1] readOnly`	`roleName` The role name a user may have. The name is matched against role names retrieved from the user information store.
`string[0..1]`	`userLabel` An additional descriptive text.

class Role

..

+-SystemFunctions

+-SysM

+-CrM

+-Role

Represents a role that determines the type of service provided by a compute resource.

This MO is created by the system.

References to:: ManagedObject;

Attributes
`ManagedObject[0..] nonUnique readOnly`	`isProvidedBy` Reference to an instance of Compute Resource Role.
`string key mandatory noNotification restricted`	`roleId` The value component of the RDN.
`Scalability[0..1] readOnly`	`scalability` Indicates whether or not the role can scale for capacity reasons.

class Role

class RoleUpgrade

..

+-SystemFunctions

+-SwM

+-UpgradePackage

+-RoleUpgrade

..

+-SystemFunctions

+-SwM

+-RoleUpgrade

Contains configuration for Balanced In-Service upgrade.
A RoleUpgrade defines the attributes required for the upgrade and defines the scalable Role of the nodes to be upgraded.
There can be one RoleUpgrade per UpgradePackage and one default, top-level, RoleUpgrade.

References to:: ManagedObject;

Attributes
`uint32[0..1] noNotification`	`minRemainingCapacity` Minimum remaining capacity in percent of engineered capacity during the activation of the upgrade.
`uint32[0..1] noNotification`	`minSizeOfRole` Minimum number of nodes in the scalable role to do the upgrade in bigger chunks than one by one (rolling).
`uint32[0..1] readOnly`	`numberOfSteps` Calculated number of steps based on required minimum service capacity during upgrade.
`ManagedObject mandatory noNotification`	`roleId` Reference to an instance of Role MO. The role is identified by the Distinguished Name of the Role MO.
`string key mandatory noNotification restricted`	`roleUpgradeId` The value component of the RDN.

class RoleUpgrade

class Rule

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthorizationMethod

+-Role

+-Rule

The rules that define the access control to objects.

A Rule MO is contained by a Role MO which may be then applied to users.

This MO is created by the system.

Attributes
`PermissionType[0..1] noNotification readOnly`	`permission` Permission is the access right the rule provides on a target specified by the ruleData attribute.
`RuleDataType[0..1] noNotification readOnly`	`ruleData` Defines the model elements for which the permission is applicable.
`string key mandatory noNotification restricted`	`ruleId` The value component of the RDN.
`string[0..1] noNotification readOnly`	`ruleName` The rule name. The rule name is a string of '<FunctionName>_<RuleNumber>' <FunctionName> is a unique name for a system, transport, equipment, or application function. <RuleNumber> is a numerical ID of the Rule MO within a <FunctionName>. Examples: BackupAndRestoreManagement_1 FileManagement_2 SecurityManagement_2 SystemManagement_1
`string[0..1]`	`userLabel` An additional descriptive text.

class Rule

class Schema

..

+-SystemFunctions

+-SysM

+-Schema

Represents a MIM model fragment whose corresponding functionality is operational in the Managed Element.

This MO is created by the system.

Actions

void

export ( string uri , EcimPasswordString password );: Pushes the schema file out from the ME.

The URI shall contain both the file name and the destination address. The password is optional.; Parameters

Name: uri
Description: The URI used for identifying the adress to the remote location to which the file shall be transferred to.

Name: password
Description: The password used for connecting to the remote file location.

Attributes
`string[0..1] readOnly`	`baseModelIdentifier` Represents the name of the common information model fragment that the data model fragment is derived from.
`string[0..1] readOnly`	`baseModelVersion` The full version information for the common information model fragment that the data model fragment is derived from.
`string[0..1] readOnly`	`identifier` Represents the name of the data model fragment that the schema represents.
`string key mandatory noNotification restricted`	`schemaId` The value component of the RDN. From a usability perspective, the value could e.g. be set to the corresponding model name.
`string[0..] nonUnique readOnly`	`selectedModelOptions` Contains the model features used in the generation of the MIM. The MS can query the information from the model without having to access the MIM file itself.
`string[0..1] readOnly`	`version` Represents the full version information for the data model fragment that the schema represents.

class Schema

class SecM

..

+-SystemFunctions

+-SecM

+-CertM [1..1]

+-Tls [0..1]

+-UserManagement [1..1]

Security Management root MOC.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`secMId` The value component of the RDN.

class SecM

..

+-SystemFunctions

+-SecM

+-Ssh [0..1]

+-Tls [0..1]

+-UserManagement [1..1]

Security Management root MOC.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`secMId` The value component of the RDN.

class SecM

class ServerType

ManagedElement

+-IpworksFunction

+-IpworksDnsRoot

+-ServerType

It is used to identify the Server Type.

Attributes
`string[0..16] nonUnique`	`Server1 = PL-3,PL-4` Identifies the hostname list of server type "Server1". This attribute can contain up to 16 items. Syntax: <PL/pl/SC/sc>-<1-99> Note: If a host is configured in both "Server1" and "Server2", the host uses "Server1" as its server type. If a host is NOT configured in "Server1" or "Server2", it is treated as "Server2". Valid values: ^((PL\|pl\|SC\|sc)\-[1-9]\|(PL\|pl\|SC\|sc)\-[1-9][0-9])$
`string[0..16] nonUnique`	`Server2 = ""` Identifies the hostname list of server type "Server2". This attribute can contain up to 16 items. Syntax: <PL/pl/SC/sc>-<1-99> Note: If a host is configured in both "Server1" and "Server2", the host uses "Server1" as its server type. If a host is NOT configured in "Server1" or "Server2", it is treated as "Server2". Valid values: ^((PL\|plSC\|sc)\-[1-9]\|(PL\|pl\|SC\|sc)\-[1-9][0-9])\| $
`string key mandatory noNotification restricted`	`serverTypeId` It is the key for Server Type.

class ServerType

class SES

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-SES

Configuration for WiFi mobility management.

Attributes
`boolean`	`enableSES = false` Disable/Enable SES HLR Fallback. false: Disable true: Enable Takes effect: Immediately
`string key mandatory noNotification restricted`	`sesId` The value component of the RDN.
`string[0..] nonUnique`	`sesOriginHost` The list of SES server' Origin-Host. IPWorks AAA identify the auth requests for SES through comparing the Origin-Host in auth requests and the configured Origin-Host list. The default value is empty. Takes effect: Immediately
`uint32`	`specialAuthRequestType = 1` The special auth request type in auth requests from SES. AAA identify the auth requests for SES through comparing the Auth-Request-Type in auth requests and the configured special auth request type. The default value is AUTHENTICATE_ONLY (1). Takes effect: Immediately

class SES

class Sftp

..

+-SystemFunctions

+-SysM

+-FileTPM

+-Sftp

Represents the common configuration parameters of Secure Shell File Transfer Protocol (SFTP) clients on the ME.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`sftpId` The value component of the RDN.

class Sftp

class SftpServer

..

+-SystemFunctions

+-SysM

+-FileTPM

+-FtpServer

+-SftpServer

Represents the Secure Shell File Transfer Protocol (SFTP) server of the ME.

This MO is created by the system.

Attributes
`BasicAdmState mandatory`	`administrativeState` The administrative state for the SFTP server. When LOCKED all on-going connections will immediately be terminated.
`uint16`	`port = 115` The listening port number of the SFTP server.
`string key mandatory noNotification restricted`	`sftpServerId` The value component of the RDN.

class SftpServer

class SharedSecretMgr

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusStack

+-SharedSecretMgr

+-ClientSharedSecretMgr [1..1]

+-ProxyTargetSharedSecretMgr [1..1]

Manage all the AAA shared secrets.

Attributes
`string key mandatory noNotification restricted`	`sharedSecretMgrId` The value component of the RDN.

class SharedSecretMgr

class Snmp

..

+-SystemFunctions

+-SysM

+-Snmp

+-SnmpTargetV1 [0..]

+-SnmpTargetV2C [0..]

+-SnmpTargetV3 [0..]

+-SnmpTargetV3Dtls [0..]

+-SnmpViewV1 [0..]

+-SnmpViewV2C [0..]

+-SnmpViewV3 [0..]

Configuration of the SNMP protocol, for example IP addresses and ports.

This MO is created by the system.

References to:: ManagedObject;

Attributes
`BasicAdmState`	`administrativeState = UNLOCKED` The administrative state for the SNMP protocol. If LOCKED, no SNMP Traps are generated, for example, alarm, alerts or heartbeats. Also, all access to the SNMP protocol is disabled.
`HostAndPort[0..]`	`agentAddress` Listen addresses for the SNMP agent. Attribute defines ports and IP addresses the agent listens to for incoming SNMP requests that use UDP protocol. Typical configurations use one port with IP address 0.0.0.0 and port 161, which means that the standard SNMP port is used on all interfaces.
`HostAndPort[0..]`	`agentAddressDtls` Listen addresses for SNMP agent that uses DTLS. Attribute defines ports and IP addresses the agent listens to for incoming SNMP requests that use DTLS transport protocol. The typical configuration uses one port with IP address 0.0.0.0 and port 10161. This means that the standard port for SNMP over DTLS is used on all interfaces.
`boolean`	`enableSourceCheckForV1V2C = false` Enables source IP check on the agent for community based Snmp V1 and Snmp V2C protocol access. If false, agent may accept SNMP GET, SET messages from any IP address. If true, agent only accepts SNMP GET, SET messages from configured target IP subnet.
`string[0..1]`	`engineId [ 5..32 ]` Unique identifier of the SNMP agent. Only applicable when using SNMPv3. To be configured when auto discovery of the SNMP Engine ID is not supported or it is desired to use an identifier that is not automatically calculated and remains unchanged across re-initializations. Where SNMP stack can not support setting the Engine ID, the applied value is ignored, keeping the current empty value. Specification: RFC3411, RFC5343
`ManagedObject[0..1]`	`nodeCredential` Node credential used for SNMP notifications with Transport Security Model. Specifies the DN of a NodeCredential MO in Certificate Management. If Transport Security Model, DTLS, is not used, the attribute value can be empty.
`OperState noNotification readOnly`	`operationalState` The operational status of the SNMP functionality. If DISABLED, there is some problem that degrades the SNMP functionality.
`uint16`	`port = 161` Port number used by agent to listen for incoming SNMP requests over OamAccessPoint interface. Note that OamAccessPoint interface is configured in System Management. The agent uses the value only if agentAddress attribute is not configured in this MO.
`uint16`	`portDtls = 10161` Port number used by agent to listen for SNMP with DTLS requests over OamAccessPoint interface. Note that OamAccessPoint interface is configured in System Management. The agent uses the value only if agentAddressDtls attribute is not configured in this MO.
`string key mandatory noNotification restricted`	`snmpId` Holds the name used when identifying the MO.
`ManagedObject[0..1]`	`trustCategory` The trust category used for authentication of DTLS protocol users. Specifies the DN of a TrustCategory MO in Certificate Management. If the DTLS protocol is not used, the attribute value can be empty.

class Snmp

class SnmpTargetV1

..

+-SystemFunctions

+-SysM

+-Snmp

+-SnmpTargetV1

An SNMP target defines a trap receiver and gives access privileges.
This class, defines V1 protocol attributes.

Attributes
`IPAddress mandatory`	`address` Host address or DNS name for the SNMP trap target.
`BasicAdmState`	`administrativeState = UNLOCKED` Administrative state for the SNMP target. When LOCKED, traps are not sent and access is not allowed for this MO instance.
`SnmpCommunity mandatory`	`community` The SNMP community string.
`boolean`	`isMibWritable = true` Specifies if user has write-access to MIB. If false, user is only allowed to perform read-access, such as SNMP GET. Attribute value has no relevance if SnmpViewV1 exists for the community of this instance. Permissions in the view override this attribute.
`uint8[0..1]`	`networkPrefixLength { 1..128 }` The network prefix length identifying the number of subnet mask bits in the target address. For IPv4 target address, range 1-32 For IPv6 target address, range 1-128 The value of this attribute is used only if Snmp MO's enableSourceCheckForV1V2C is set to true. In which case, the agent uses the value to determine the source IP address range permitted to execute Snmp GET and SET on managed device. An empty value in that case will mean that Snmp GET and SET shall be permitted from just a single target IP as configured in address attribute of this MO.
`OperState noNotification readOnly`	`operationalState` The operational status of this SNMP target.
`uint32`	`port = 162 { 1..65535 }` UDP port number for this SNMP trap target.
`string key mandatory noNotification restricted`	`snmpTargetV1Id` Holds the name used when identifying the MO.

class SnmpTargetV1

class SnmpTargetV2C

..

+-SystemFunctions

+-SysM

+-Snmp

+-SnmpTargetV2C

SNMP target defines a trap receiver and gives access privileges.
This class, defines V2C protocol attributes.

Attributes
`IPAddress mandatory`	`address` Host address or DNS name for the SNMP trap target.
`BasicAdmState`	`administrativeState = UNLOCKED` Administrative state for SNMP target. If LOCKED, traps are not sent and access is not allowed for this MO instance.
`SnmpCommunity mandatory`	`community` SNMP community string.
`uint32`	`informRetryCount = 1` The number of retries attempted when no response is received for a notification. Attribute value relevant only if transportMethod is set to INFORM.
`Timeout`	`informTimeout = 300` Timeout for SNMP INFORM. If SNMP INFORM is not acknowledged during this time, the implementation can assume that the notification was not delivered. Attribute value relevant only if transportMethod is set to INFORM. The unit is hundredth of a second, 0.01 seconds.
`boolean`	`isMibWritable = true` Specifies if users have write-access to MIB. If false, users are only allowed to perform read-access, such as SNMP GET. Attribute value has no relevance if SnmpViewV2C exists for the community of this instance. Permissions in the view override this attribute.
`uint8[0..1]`	`networkPrefixLength { 1..128 }` The network prefix length identifying the number of subnet mask bits in the target address. For IPv4 target address, range 1-32 For IPv6 target address, range 1-128 The value of this attribute is used only if Snmp MO's enableSourceCheckForV1V2C is set to true. In which case, the agent uses the value to determine the source IP address range permitted to execute Snmp GET and SET on managed device. An empty value in that case will mean that Snmp GET and SET shall be permitted from just a single target IP as configured in address attribute of this MO.
`OperState noNotification readOnly`	`operationalState` The operational status of this SNMP target.
`uint32`	`port = 162 { 1..65535 }` UDP port number for this SNMP trap target.
`string key mandatory noNotification restricted`	`snmpTargetV2CId` Holds the name used when identifying the MO.
`NotifyType`	`transportMethod = TRAP` Method type used. Can be TRAP or INFORM.

class SnmpTargetV2C

class SnmpTargetV3

..

+-SystemFunctions

+-SysM

+-Snmp

+-SnmpTargetV3

SNMP target defines a trap receiver and gives access privileges.
This class, defines V3 USM protocol attributes.

Attributes
`IPAddress mandatory`	`address` Host address or DNS name for the SNMP trap target.
`BasicAdmState`	`administrativeState = UNLOCKED` Administrative state for SNMP target. If LOCKED, traps are not sent and access is not allowed for this MO instance.
`EcimPassword mandatory`	`authKey` Authentication key used for signing SNMP notifications. AuthKey used to sign the messages sent. Key must contain at least 8 characters. Must have a value, but the value is used only if authorization is enabled. See attribute snmpSecurityLevel. If authorization is disabled, attribute can contain any arbitrary value.
`AuthProtocol`	`authProtocol = MD5` Authentication protocol used. Value relevant only if authorization is enabled. See attribute snmpSecurityLevel.
`uint32`	`informRetryCount = 1` The number of retries attempted when no response is received for a notification. Attribute value relevant only if transportMethod is set to INFORM.
`Timeout`	`informTimeout = 300` Timeout for SNMP INFORM. If SNMP INFORM is not acknowledged during this time, the implementation can assume that the notification was not delivered. Attribute value relevant only if transportMethod is set to INFORM. The unit is hundredth of a second, 0.01 seconds.
`boolean`	`isMibWritable = true` Specifies if users have write-access to MIB. If false, users are only allowed to perform read-access, such as SNMP GET. Attribute value has no relevance if SnmpViewV3 exists for the community of this instance. Permissions in the view override this attribute.
`OperState noNotification readOnly`	`operationalState` The operational status of this SNMP target.
`uint32`	`port = 162 { 1..65535 }` UDP port number for this SNMP trap target.
`EcimPassword mandatory`	`privKey` Privacy key used for encryption. User's privKey encrypts the data portion of the message. Key must contain at least 8 characters. Must have a value, but the value is used only if privacy is enabled. See attribute snmpSecurityLevel. If privacy is disabled, attribute can contain any arbitrary value.
`PrivProtocol`	`privProtocol = DES` Privacy protocol used. Attribute value relevant only if privacy is enabled. See attribute snmpSecurityLevel.
`SecurityLevel`	`snmpSecurityLevel = AUTH_PRIV` Specifies the level of security applied to messages exchanged with this target.
`string key mandatory noNotification restricted`	`snmpTargetV3Id` Holds the name used when identifying the MO.
`NotifyType`	`transportMethod = TRAP` Method type used. Can be TRAP or INFORM.
`SnmpSecurityName mandatory`	`user` SNMP V3 user name for the SNMP V3 message.

class SnmpTargetV3

class SnmpTargetV3Dtls

..

+-SystemFunctions

+-SysM

+-Snmp

+-SnmpTargetV3Dtls

SNMP target defines a trap receiver and gives access privileges.
This class defines attributes needed for SNMP over DTLS. Attributes nodeCredential and trustCategory defined in the Snmp MO class/instance are used. DTLS is used as transport protocol for incoming requests, outgoing responses and SNMP notifications.

Attributes
`IPAddress mandatory`	`address` Host address or DNS name for the SNMP trap target.
`BasicAdmState`	`administrativeState = UNLOCKED` Administrative state for SNMP target. If LOCKED, traps are not sent and access is not allowed for this MO instance.
`uint32`	`informRetryCount = 1` The number of retries attempted when no response is received for a notification. Attribute value relevant only if transportMethod is set to INFORM.
`Timeout`	`informTimeout = 300` Timeout for SNMP INFORM. If SNMP INFORM is not acknowledged during this time, the implementation can assume that the notification was not delivered. Attribute value relevant only if transportMethod is set to INFORM. The unit is hundredth of a second, 0.01 seconds.
`boolean`	`isMibWritable = true` Specifies if users have write-access to MIB. If false, users are only allowed to perform read-access, such as SNMP GET. Attribute value has no relevance if SnmpViewV3 exists for the community of this instance. Permissions in the view override this attribute.
`OperState noNotification readOnly`	`operationalState` The operational status of this SNMP target.
`uint32`	`port = 10162 { 1..65535 }` UDP port number for this SNMP trap target.
`string key mandatory noNotification restricted`	`snmpTargetV3DtlsId` Holds the name used when identifying the MO.
`NotifyType`	`transportMethod = TRAP` Method type used. Can be TRAP or INFORM.
`SnmpSecurityName mandatory`	`user` SNMP V3 user name. Used for authorization of incoming SNMP requests. Defined by the subject alternative name field, from the certificate provided by the client during DTLS session setup.

class SnmpTargetV3Dtls

class SnmpViewV1

..

+-SystemFunctions

+-SysM

+-Snmp

+-SnmpViewV1

SNMP view gives users access to SNMP MIBs.
This class explicitly defines a view for SNMP V1 users. Users are identified by community name.

Communities that are not configured in any view, are given by default access to the following SNMP MIBs:
- Ericsson Alarm MIB
- SNMP-FRAMEWORK-MIB
- MIB-2

Default status denies access to other SNMP MIBs. Create a new view configuration if default behaviour is insufficient.

Attributes
`string[0..]`	`community` The SNMP V1 communities that this view shall be applied on. If a specific community is set in more than one V1 view, the user will get access to the sum of the views. The information in this object will override the attribute isMibWriteable in all SnmpTargetV1 for these communities.
`SnmpOid[0..]`	`readOids` Defines which SNMP OIDs the user is allowed to read. The defined OIDs and all contained OIDs are readable.
`string key mandatory noNotification restricted`	`snmpViewV1Id` Holds the name used when identifying the MO.
`SnmpOid[0..]`	`writeOids` Defines which SNMP OIDs the user is allowed to write. The defined OIDs and all contained OIDs are writeable.

class SnmpViewV1

class SnmpViewV2C

..

+-SystemFunctions

+-SysM

+-Snmp

+-SnmpViewV2C

SNMP view gives users access to SNMP MIBs.
This class explicitly defines a view for SNMP V2C users. Users are identified by community name.

Communities that are not configured in any view, are given by default access to the following SNMP MIBs:
- Ericsson Alarm MIB
- SNMP-FRAMEWORK-MIB
- MIB-2

Default status denies access to other SNMP MIBs. Create a new view configuration if default behaviour is insufficient.

Attributes
`string[0..]`	`community` The SNMP V2C communities that this view shall be applied on. If a specific community is set in more than one V2 view, the user will get access to the sum of the views. The information in this object will override the attribute isMibWriteable in all SnmpTargetV2C for these communities.
`SnmpOid[0..]`	`readOids` Defines which SNMP OIDs the user is allowed to read. The defined OIDs and all contained OIDs are readable.
`string key mandatory noNotification restricted`	`snmpViewV2CId` Holds the name used when identifying the MO.
`SnmpOid[0..]`	`writeOids` Defines which SNMP OIDs the user is allowed to write. The defined OIDs and all contained OIDs are writeable.

class SnmpViewV2C

class SnmpViewV3

..

+-SystemFunctions

+-SysM

+-Snmp

+-SnmpViewV3

SNMP view gives users access to SNMP MIBs.
This class explicitly defines a view for SNMP V3 users. Users are identified by community name.

Communities that are not configured in any view, are given by default access to the following SNMP MIBs:
- Ericsson Alarm MIB
- SNMP-FRAMEWORK-MIB
- MIB-2

Default status denies access to other SNMP MIBs. Create a new view configuration if default behaviour is insufficient.

Attributes
`SnmpOid[0..]`	`readOids` Defines which SNMP OIDs the user is allowed to read. The defined OIDs and all contained OIDs are readable.
`string key mandatory noNotification restricted`	`snmpViewV3Id` Holds the name used when identifying the MO.
`string[0..]`	`user` The SNMP V3 users that this view shall be applied on. If a specific user is defined in more than one V3 view, the user will get access to the sum of the views. The information in this object will override the attribute isMibWriteable in all SnmpTargetV3 for these users.
`SnmpOid[0..]`	`writeOids` Defines which SNMP OIDs the user is allowed to write. The defined OIDs and all contained OIDs are writeable.

class SnmpViewV3

class SQLNodeInfo

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-DataBaseInfo

+-MySQLInfo

+-SQLNodeInfo

NDB SQL NODE information

Attributes
`string`	`host = SC-1` hostname of the SQL node located.
`EcimPassword[0..1]`	`password` Password to login NDB SQL Node.
`uint16`	`port = 3307` SQL node listen port.
`string key mandatory noNotification restricted`	`sqlNodeInfoId` The value component of the RDN.
`string`	`user = root` The username to login the MySQL NDB SQL node.

class SQLNodeInfo

class SS7Stack

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-SS7Stack

+-AppInstanceIdMgr [1..1]

Configuration for SS7 Stack.

Attributes
`string`	`cpmAddress = ss7cafcpmaddress:6669` The CP management address of peer SS7 stack. The format is IP:port, which is separated by colon. If it's configured as "127.0.0.1:6669", it means use single mode. Takes effect: After next restart
`uint32`	`destPointCode = 200` SS7 Destination point code. Takes effect: After next restart
`uint8`	`destSSN = 6` Dest SSN Takes effect: After next restart
`uint16`	`dialogIdOffset = 20000` Offset of the start dialog id. Takes effect: After next restart
`ISDNNOA`	`isdnNoaOfgsmSCF = NOA_INTERNATIONAL_NUMBER` The Nature of Address of gsmSCF ISDN number. Parameter "isdnNoaOfgsmSCF" and "isdnOfgsmSCF" are used to construct the "gsmSCF-Address" IE in MAP AnytimeInterrogation Request message. If "useGT4CallingPartyAddress" is enabled, it is also used as the calling party address with the following format: Routing indicator 0 (routing on GT) Global title indicator 4 SSN indicator 1 Point code indicator 0 Address: BCD encoding of "isdnNoaOfgsmSCF" and "isdnOfgsmSCF" Takes effect: After next restart
`ISDNNOA`	`isdnNoaOfVLR = NOA_INTERNATIONAL_NUMBER` The Nature of Address of VLR ISDN number. If "useGT4CallingPartyAddress" is enabled, parameter "isdnNoaOfVLR" and "isdnOfVLR" are used to construct the calling party address with the following format: Routing indicator 0 (routing on GT) Global title indicator 4 SSN indicator 1 Point code indicator 0 Address: BCD encoding of "isdnNoaOfVLR" and "isdnOfVLR" Takes effect: After next restart
`string`	`isdnOfgsmSCF = 123456 [ 1..16 ]` The ISDN number of gsmSCF. Takes effect: After next restart Valid values: [0-9]+
`string mandatory`	`isdnOfVLR [ 1..16 ]` The ISDN number of VLR. Takes effect: After next restart Valid values: [0-9]+
`uint8`	`mapInvokeTimer = 3 { 1..10 }` Map invoke timer Unit: 1 second Takes effect: After next restart
`uint32`	`origPointCode = 100 { 0..16777215 }` Original Signaling Point Code for SS7 message sending from IPWorks. Takes effect: After next restart
`uint16`	`ss7BeInstNum = 10` The number of SS7 backend instances to be used by IPWorks EPC AAA. SS7 BE instance id is started from 1, and IPWorks will connect to all SS7 backend instances whose id is no more than the value of parameter "ss7BeInstNum". Takes effect: After next restart
`uint8`	`ss7CpUserId = 42 { 40..59 }` The SS7 CP User Id of IPWorks EPC AAA. Takes effect: After next restart
`string key mandatory noNotification restricted`	`ss7StackId` The value component of the RDN.
`boolean`	`useGT4CallingPartyAddress = false` Use GT for Calling Party Address. false: Route on SSN true: Route on GT Takes effect: After next restart

class SS7Stack

class Ssh

..

+-SystemFunctions

+-SecM

+-Ssh

Configures system-wide properties of Secure Shell Transport Layer Protocol (SSH).

This MO is created by the system.

Attributes
`SshAlgorithm[1..] mandatory`	`selectedCiphers` The list of selected ciphers. The ciphers are offered to the SSH peer in the order as configured. Each value indicates one cipher.
`SshAlgorithm[1..] mandatory`	`selectedKeyExchanges` The list of selected key exchange algorithms. The algorithms are offered to the SSH peer in the order as configured. Each value indicates one algorithm.
`SshAlgorithm[1..] mandatory`	`selectedMacs` The list of selected message authentication codes. The algorithms are offered to the SSH peer in the order as configured. Each value indicates one coding algorithm.
`string key mandatory noNotification restricted`	`sshId` The value component of the RDN.
`SshAlgorithm[1..] readOnly`	`supportedCiphers` Lists the supported encryption ciphers.
`SshAlgorithm[1..] readOnly`	`supportedKeyExchanges` Lists the supported key exchange algorithms.
`SshAlgorithm[1..] readOnly`	`supportedMacs` Lists the supported message authentication codes.

class Ssh

class SshPublicKey

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-UserAccountM

+-UserAccount

+-SshPublicKey

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-AdministratorAccount

+-SshPublicKey

Stores an SSH public key of the user account.

Attributes
`string mandatory`	`publicKeyContent` Holds the whole content of a public key file. The content should be either in OpenSSH key format or entered in base64 format without line breaks of an RFC4716, PEM, or PKCS8 formatted key content. The base64 formats encode the whole content of the public key including the corresponding begin and end marker lines. For additional supported formats please refer to product documentation. Valid values: (^[A-Za-z0-9+/]+[=]$)\|(^[a-z0-9][a-z0-9-][ ][A-Za-z0-9+/]+[=]([ ][^[:cntrl:]])?$)
`string key mandatory noNotification restricted`	`sshPublicKeyId` The value component of the RDN.

class SshPublicKey

class SSInterface

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-StorageServer

+-SSInterface

Storage server interface.

Attributes
`Ipv4Ipv6`	`address = 169.254.100.23` Address of the storage server, which is running and provide the provisioning service.
`EcimPassword mandatory`	`password` The password for username to login storage server.
`string key mandatory noNotification restricted`	`ssInterfaceId` The value component of the RDN.
`string`	`username = admin` Username of storage server.

class SSInterface

class StorageServer

ManagedElement

+-IpworksFunction

+-IpworksCommonRoot

+-StorageServer

+-SSInterface [1..1]

The Storage Server.

Attributes
`string restricted`	`directory = /cluster/storage/no-backup/ipworks/logs` StorageServer Log Directory. Takes effect: Readonly field
`uint32`	`fileSize = 1 { 1..20 }` StorageServer maximum size (Mb) of log file. Takes effect: Immediately when Storage Server is running.
`uint16`	`filesNumber = 3 { 1..20 }` Storage Server number of log files. Takes effect: Immediately when Storage Server is running.
`IpworksLogLevel`	`level = LOG_LEVEL_DISABLE` Storage Server Log level. Takes effect: Immediately when Storage Server is running.
`uint32`	`passwordExpiryDays = 45 { 30..36500 }` Specifies the number of days in which password expires. 30 ~ 36500, the default is 45. Takes effect: Immediately when Storage Server is running.
`uint16 restricted`	`port = 17071 { 0..65535 }` Specifies the port number on which the Storage Server listens for requests. The default port is 17071. Takes effect: After next storage server restart
`boolean`	`securityLog = false` Determines whether to enable or disable the security log for Storage Server. Securitylog is disabled by default. Takes effect: Immediately when Storage Server is running and syslog is configured
`string key mandatory noNotification restricted`	`storageServerId` Storage Server Key Attribute.
`IpworksLogTimelyRotate`	`timelyRotate = DISABLE` Storage Server Log rotate time interval. Takes effect: Immediately when Storage Server is running.

class StorageServer

class SwInventory

..

+-SystemFunctions

+-SwInventory

+-SwItem [0..]

+-SwVersion [0..]

A singleton class which has only structural purpose.

This MO is created by the system.

References to:: SwVersion;

Attributes
`SwVersion[1..] readOnly`	`active` A reference to the active software version of a software domain. The software of a managed element can be stuctured into more than one software domain. The active software version(s) control the behavior of the managed element .
`string key mandatory noNotification restricted`	`swInventoryId` The value component of the RDN.
`string[0..1]`	`userLabel` A label for free usage.

class SwInventory

class SwItem

..

+-SystemFunctions

+-SwInventory

+-SwItem

A software item holds information about an executable software product.
A software item can also represent a container product that contains other software items, which represents a subordinate container and/or executable software products.

This MO is created by the system.

References from:: SwItem; SwVersion;
References to:: SwItem;

Attributes
`string[0..1] readOnly`	`additionalInfo` Describes any additional relevant aspects of the software item.
`ProductData[0..1] readOnly`	`administrativeData` The product identification of the software item.
`SwItem[0..] readOnly`	`consistsOf` Describes a hierarchical relationship between software items. An empty value indicates that current software item is not a container that includes subordinate software items.
`string key mandatory noNotification restricted`	`swItemId` The value component of RDN.
`string[0..1]`	`userLabel` A label for free usage.

class SwItem

class SwM

..

+-SystemFunctions

+-SwM

+-RoleUpgrade [0..1]

+-SwVersionMain [1..]

+-UpgradePackage [0..]

The root structural element of SW management activities.

This MO is created by the system.

References to:: SwVersion; SwVersionMain; UpgradePackage;

Actions
`boolean`	`cancel ( );` Cancel can be invoked during any long-lasting operation. It stops the operation and restores the consistent state that existed before the long-lasting operation started. The action returns immediately after invocation. The consequences of the action can be tracked by attribute progressReport. The action returns false if the action is refused by the ME. In all other cases, it returns true.
`uint16`	`createUpgradePackage ( string uri , EcimPasswordString password );` Creates a new UpgradePackage MO that represents a UP specified by a URI. This action includes all activities to initialize the UP MO. After the UP MO is created, all descriptive information is available, for example, administrativeData, number or names of activation step data. This action can be invoked when there is no other action in progress on this MO. The action returns immediately after invocation. The progress of the action can be tracked by attribute progressReport . The action returns 0 if the action cannot start for any reason, for example, another parallel action is in progress. The action also returns 0 if the ME cannot handle the URI, for example, it does not support the protocol specified in the URI. In all other cases, it returns the id of the action. The action id is different and unique for every invocation of the action. Parameters Name: uri Description: Contains a URI that points to a directory that contains the UP content. The generic URI syntax is defined by RFC 2396. The URI must not contain any password. The password must be provided in the second parameter of this action. The URI can be local absolute, for example, file:///data/dir/subdir. It can also be remote, for example, sftp://hostname/dir/subdir. Name: password Description: A password to the server that provides the UP. If authentication is not password-based, this parameter is ignored.
`boolean`	`removeSoftwareVersion ( SwVersion swVersion );` Removes a SW version as much as possible. It does not disturb node functionality. Files shared with other SW versions are not deleted. The active SW version cannot be removed. This action can only be invoked when there is no other action in progress on this MO. The action returns false if any of these conditions are violated. Parameters Name: swVersion Description: The value component of the RDN of the SwVersion MO in ECIM_SWIM to be removed.
`boolean`	`removeSwVersion ( SwVersionMain swVersion );` Action removeSwVersion is deprecated, it is recommended to use action removeSoftwareVersion. Removes a SW version as completely as possible without disturbing node functionality. Files shared with other SW versions are not deleted. The active SW version cannot be removed. This action can only be invoked when there is no other action in progress on this MO. The action returns false if any of these conditions are violated. The action returns immediately after invocation. The progress of the action can be tracked via the progressReport attribute. Deprecated: Action has been removed from ECIM SWM 4.2, deprecated in CmwSwM 5.1 Parameters Name: swVersion Description: The value component of the RDN of the SwVersionMain MO to remove.
`boolean`	`removeUpgradePackage ( UpgradePackage upgradePackage );` Removes an UpgradePackage. This action removes the UpgradePackage MO specified as action parameter. It also removes all files temporarily stored in the ME and associated with the UP. The action returns immediately after invocation. The progress of the action can be tracked by attribute progressReport. This action can be invoked when there is no other action in progress on this MO. The action returns false if the action could not start for any reason, for example, another parallel action is in progress. In all other cases, it returns true. Parameters Name: upgradePackage Description: An UpgradePackage MO to be removed.

Attributes
`ActionCapabilityState readOnly`	`actionCapable = CAPABLE` Shows whether the Software Management function is in a state of readiness to execute actions. The Managed Element sets it to WAIT during any operations and maintenance activity that causes one or more of the Software Management function related actions to become unavailable. The Management System should wait until the state returns to CAPABLE before invoking any Software Management action.
`string[0..1] readOnly`	`actionCapableInfo` Additional information relating to actionCapable. Provides free-text information if available about the managed element operation or maintenance activity causing actionCapable to be at state WAIT.
`SwVersionMain[1..] readOnly`	`activeSwVersion` Reference to the active software version(s) actively controlling the behavior of the managed element. Deprecated: Attribute has been removed from ECIM SWM 4.2, deprecated in CmwSwM 5.1
`uint32 noNotification`	`alarmBeforeTimeout = 180` alarmBeforeTimeout is the time in seconds an alarm is sent out before a fallback occurs.
`uint32 noNotification`	`automaticBackup = 1` automaticBackup is set to true(1) if ECIM SwM shall perform backup at activate() action otherwise set to false(0).
`uint32 noNotification`	`automaticRestore = 1` automaticRestore is set to true(1) if ECIM SwM shall automatically perform fallback operation at certain events otherwise set to false(0). These events are the following: • The ME meets a critical problem. (The ME must be able to detect any kind of software problem that prohibits a successful activation (step).) • The user calls the cancel() action any time during the activation. o Sub-case: Calling the cancel() action after the last activation step has completed (instead of calling commit()). • The fallback timer expires during the activation. The fallback operation shall restore the state that the ME had before starting the activation procedure.
`ExecMethod[0..1] noNotification`	`execMethod` The default execution method.
`int16`	`fallbackTimer = 1200` Maximum interval in seconds within which the next action must be invoked to avoid fallback. The maximum number of seconds allowed to elapse between the finish of an activation step and the start of the next new activate() action or new confirm() action. This attribute holds the value to which attribute timeRemainingBeforeFallback is set after the action activate() is successfully completed. -1 means infinity. In this case, the start value of timeRemainingBeforeFallback must also be set to -1 when the timer starts, even though no countdown ever starts (it remains always -1).
`string[0..1] readOnly`	`localFileStorePath` URI of the directory where the UPs are stored on the ME.
`AsyncActionProgress[0..1] readOnly`	`reportProgress` Represents the progress report, including the result, of the ongoing action. This MO supports only one action execution at a time.
`string[0..1] noNotification readOnly`	`subType` subType is any string value identifying the type of node from a ECIM SwM perspective.
`string key mandatory noNotification restricted`	`swMId` Holds the name used when identifying the MO.
`SwMTimeoutFallbackCapability[0..1] noNotification readOnly`	`timeoutFallbackCapability = SUPPORTED` Shows whether fallback capability is supported or not. If fallback capability is not supported, setting SwM fallbackTimer has no effect and automatic fallback does not occur.
`int16 noNotification readOnly`	`timeRemainingBeforeFallback = -1` Remaining number of seconds before performing fallback. Value -1 indicates an infinite number of seconds. Fallback means that the system returns to state PREPARE_COMPLETED .
`string[0..1]`	`userLabel` Used for free-text description.

class SwM

class SwVersion

..

+-SystemFunctions

+-SwInventory

+-SwVersion

An MO of this class represents the software version of a domain of the software.
If there is only one software domain, then the MO represents the overall version of the managed element.

This MO is created by the system.

References from:: SwInventory; SwM;
References to:: SwItem;

Attributes
`ProductData[0..1] readOnly`	`administrativeData` The product identification of the software version.
`SwItem[0..] readOnly`	`consistsOf` List of references to the software items the software version consists of.
`string key mandatory noNotification restricted`	`swVersionId` The value component of the RDN.
`DateTime[0..1] readOnly`	`timeOfActivation` Indicates the time when the software version was activated. If no time is presented, then current software version has not been activated.
`DateTime[0..1] readOnly`	`timeOfDeactivation` Indicates the time when the software version was deactivated. If no time is presented, then current software version has not been deactivated.
`DateTime[0..1] readOnly`	`timeOfInstallation` Indicates the time the software version was installed.
`string[0..1]`	`userLabel` A label for free usage.

class SwVersion

class SwVersionMain

..

+-SystemFunctions

+-SwM

+-SwVersionMain

This class is used to represent the main SW version running on the ME.

Such MO may be created after activating an UP.

An active software version is actively controlling the behaviour of the ME, while a non-active version represents software not yet activated or software which has been de-activated during some previous activation. There may be one or more active software versions.

This class is similar to the SwVersion class in the SW Inventory Fragment. Both SW Inventory SwVersion MOC and SwM SwVersionMain MOC represent overall software version of the ME.

This MO is created by the system.

Deprecated: Class has been removed from ECIM SwM 4.2, deprecated in CmwSwM 5.1

References from:: SwM;
References to:: ManagedObject;

Attributes
`ProductData readOnly`	`administrativeData` The product identification of the software version. Deprecated: Attribute has been removed from ECIM SwM 4.2, deprecated in CmwSwM 5.1
`string readOnly`	`name` Everyday name of the SW version. It may contain any longer textual description. Deprecated: Attribute has been removed from ECIM SwM 4.2, deprecated in CmwSwM 5.1
`int64[0..1] readOnly`	`size` Amount of disk space in KB that will be freed if this SW version is deleted. This figure may thus vary depending on what other SW versions exist - files shared between two SW versions will only be deleted when the last of those SW versions is deleted. Deprecated: Attribute has been removed from ECIM SwM 4.2, deprecated in CmwSwM 5.1
`ManagedObject[0..1] readOnly`	`swVersion` Associated Software Inventory Management MO. Both SW Inventory SwVersion MOC and SwM SwVersionMain MOC represent overall software version of the ME. Deprecated: Attribute has been removed from ECIM SwM 4.2, deprecated in CmwSwM 5.1
`string key mandatory noNotification restricted`	`swVersionMainId` The value component of the RDN. Deprecated: Attribute has been removed from ECIM SwM 4.2, deprecated in CmwSwM 5.1

class SwVersionMain

class SysM

..

+-SystemFunctions

+-SysM

+-CliSsh [0..1]

+-CliTls [0..1]

+-CrM [1..1]

+-FileTPM [1..1]

+-NetconfSsh [0..1]

+-NetconfTls [0..1]

+-NtpServer [0..]

+-Schema [2..]

+-Snmp [1..1]

+-TimeM [1..1]

This is the System Management MO.

It is a parent to the MOs which represent the system level functions such as time handling and version handling as well as file transfer capabilities and netconf configuration.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`sysMId` The value component of the RDN. It is set automatically when the MO instance is created.
`string[0..1]`	`userLabel` An additional descriptive text.

class SysM

class SystemFunctions

ManagedElement

+-SystemFunctions

+-BrM [1..1]

+-FileM [1..1]

+-Fm [1..1]

+-HealthCheckM [1..1]

+-Lm [1..1]

+-Pm [1..1]

+-SecM [1..1]

+-SwInventory [1..1]

+-SwM [1..1]

+-SysM [1..1]

ManagedElement

+-SystemFunctions

+-BrM [1..1]

+-FileM [1..1]

+-Fm [1..1]

+-HealthCheckM [1..1]

+-Lm [1..1]

+-Pm [1..1]

+-SecM [1..1]

+-SwInventory [1..1]

+-SwM [1..1]

+-SysM [1..1]

This model has a purpose to group the management of the system functions of the Managed Element.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`systemFunctionsId` Holds the name used when identifying the MO.

class SystemFunctions

This model has a purpose to group the management of the system functions of the Managed Element.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`systemFunctionsId` The value component of the RDN.

class SystemFunctions

class ThreadControl

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-AAAServer

+-ThreadControlManager

+-ThreadControl

The threads configuration of related process.

Attributes
`uint16`	`messageQueueSize = 5000 { 1000..9999 }` Specifies the size of message queue to place the messages.
`ProcessType key mandatory noNotification restricted`	`processId` The process type as id.
`uint8`	`workThreadNumber = 24 { 1..64 }` Specifies the number working thread to handle the messages.

class ThreadControl

class ThreadControlManager

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksAAACommonRoot

+-AAAServer

+-ThreadControlManager

+-ThreadControl [0..]

The manager of thread control.

Attributes
`string key mandatory noNotification restricted`	`threadControlManagerId` The value component of the RDN.

class ThreadControlManager

class ThresholdMonitoring

..

+-SystemFunctions

+-FileM

+-FileGroupPolicy

+-ThresholdMonitoring

Specifies a threshold for housekeeping files in a file group.

Attributes
`HousekeepingAspect[0..1]`	`monitoredAspect = SIZE` Defines the aspect this monitor monitors. There will be no monitoring if the aspect is unset. Possible values are: SIZE \| QUANTITY
`uint32 mandatory`	`thresholdHigh` Defines the upper threshold for the configured monitored aspect. A new alarm must be sent or an existing alarm must change severity if the monitored value has reached or exceeded this threshold. The alarm must change severity if there is another MO of the same monitored aspect with a higher threshold value than this MO. The unit of the configured value depends on the selected monitored aspect. SIZE is given in kilobytes (kB) and QUANTITY has no unit.
`uint32 mandatory`	`thresholdLow` Defines the lower threshold for the configured monitored aspect. If there is an outstanding alarm, it must change severity or be cleared when the monitored value has reached or fallen below this threshold. The alarm must be cleared if there is no other MO of the same monitored aspect with a lower threshold value. Otherwise, it is only permitted to send a new alarm with lower severity. The unit of the configured value depends on the selected monitored aspect. SIZE is given in kilobytes (kB) and QUANTITY has no unit.
`string key mandatory noNotification restricted`	`thresholdMonitoringId` Value component of the RDN.
`Severity[0..1]`	`thresholdSeverity = WARNING` Severity of the alarm associated with this monitor. Possible values are: WARNING \| MINOR \| MAJOR \| CRITICAL
`string[0..1]`	`userLabel` Label for free use.

class ThresholdMonitoring

class TimeM

..

+-SystemFunctions

+-SysM

+-TimeM

+-DateAndTime [1..1]

+-Ntp [1..1]

Time management concerns the calendar date and local time of the node.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`timeMId` The value component of the RDN.

class TimeM

class Tls

..

+-SystemFunctions

+-SecM

+-Tls

Configures system-wide properties of Transport Layer Security (TLS).

This MO is created by the system.

Attributes
`CipherList`	`cipherFilter = DEFAULT` Specifies a filter for the cipher suite. Applied on the ciphers listed in attribute supportedCiphers. The result is shown in attribute enabledCiphers.
`Cipher[0..] nonUnique readOnly`	`enabledCiphers` Lists the ciphers as filtered by the attribute cipherFilter. Ciphers are ordered by strength. The strongest cipher is offered first.
`Cipher[0..] nonUnique readOnly`	`supportedCiphers` Lists the ciphers supported by the ME.
`string key mandatory noNotification restricted`	`tlsId` The value component of the RDN.

class Tls

..

+-SystemFunctions

+-SecM

+-Tls

Configures system-wide properties of Transport Layer Security (TLS).

This MO is created by the system.

Attributes
`CipherList`	`cipherFilter = kEECDH:kEDH:kRSA:!kPSK:!aPSK:!aDSS:!aNULL:!NULL:!SEED:!3DES:!DES:!MD5:!RC4:!CAMELLIA` Specifies a filter for the cipher suite list. Applied on the cipher suites listed in attribute supportedCiphers. The result is shown in attribute enabledCiphers.
`Cipher[1..] readOnly`	`enabledCiphers` Lists the cipher suites as filtered by the attribute cipherFilter. Cipher suites are ordered by strength. The strongest cipher suite is offered first.
`Cipher[1..] readOnly`	`supportedCiphers` Lists the cipher suites supported by the ME.
`string key mandatory noNotification restricted`	`tlsId` The value component of the RDN.

class Tls

class Transport

ManagedElement

+-Transport

+-DiffServCategory [0..]

+-Evip [1..1]

+-Host [0..]

ManagedElement

+-Transport

+-DiffServCategory [0..]

+-Evip [1..1]

+-Host [0..]

This is a container for common transport functions used within the Managed Element.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`transportId` Holds the name used when identifying the MO.

class Transport

This is a container for common transport functions used within the Managed Element.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`transportId` The value component of the RDN.

class Transport

class TrustCategory

..

+-SystemFunctions

+-SecM

+-CertM

+-TrustCategory

Represents a group of trusted certificates that can be referenced by Credential Users on the ME.

References from:: TrustedCertificate;
References to:: ManagedObject; TrustedCertificate;

Attributes
`ManagedObject[0..] nonUnique noNotification readOnly`	`reservedByUser` Indicates the users of this TrustCategory MO. The users are identified by Distinguished Names of Credential User Managed Objects.
`string key mandatory noNotification restricted`	`trustCategoryId` The value component of the RDN.
`TrustedCertificate[1..] nonUnique mandatory`	`trustedCertificates` The list of trusted certificates that belongs to this trust category. Contains the Distinguished Names of the TrustedCertificate Managed Objects.
`string[0..1]`	`userLabel` An additional descriptive text.

class TrustCategory

class TrustedCertificate

..

+-SystemFunctions

+-SecM

+-CertM

+-TrustedCertificate

Represents a trusted certificate.

This MO is created by the system.

References from:: CertM; EnrollmentAuthority; TrustCategory;
References to:: TrustCategory;

Attributes
`CertificateContent[0..1] readOnly`	`certificateContent` The X.509 content of the certificate.
`CertificateState[0..1] readOnly`	`certificateState` The current state of the certificate.
`ManagedCertificateState`	`managedState = ENABLED` The state of the trusted certificate set by the MS. If set to ENABLED, the certificate is trusted and the state of the certificate is represented by certificateState. If set to DISABLED, the trusted certificate is quarantined, and thus the trust relationship is suspended.
`TrustCategory[0..] nonUnique noNotification readOnly`	`reservedByCategory` Indicates the trust categories this trusted certificate belongs to. Contains the Distinguished Names of the TrustCategory Managed Objects.
`string key mandatory noNotification restricted`	`trustedCertificateId` The value component of the RDN.

class TrustedCertificate

class TrustWIFIService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksRadiusAAARoot

+-RadiusAAAService

+-TrustWIFIService

trust WIFI Service configuration.

Attributes
`TranslationAgentMode`	`tranAgentMode = HLR_ONLY` Specifies the Translation Agent Mode: HLR_ONLY HSS_ONLY HSS_PRE The default value is HLR_ONLY. Takes effect: After next restart
`string key mandatory noNotification restricted`	`trustWIFIServiceId` The value component of the RDN.

class TrustWIFIService

class UpgradePackage

..

+-SystemFunctions

+-SwM

+-UpgradePackage

+-RoleUpgrade [0..1]

Controls the change process of the software configuration of a ME.
An instance of UpgradePackage (UP) represents a specific change
of software configuration from the existing one to the new one identified by the attribute administrativeData. The execution of the change process described by UP class is the normal way to change the content of the SW inventory. An UP can be seen as a modification agent. It can add new, remove, or modify functionality. The sequence in which a Software upgrade executes is as follows:
1. Prepare
2. Verify, which is optional
3. Activate
4. Confirm
When the upgrade package MO is created the upgrade control file is downloaded to specify the administrative data and the activation steps for this upgrade.

This MO is created by the system.

References from:: SwM;

Actions
`boolean`	`activate ( );` Current upgrade package is taken into operation fully or partially. Partial activation occurs if the UCF defines activation steps and attribute ignoreBreakPoints is false. The ME upgrade engine notifies the operator that the activation step is completed. The next activation step starts when the operator invokes an activate action. Each UP must have at least 1 activation step. When attribute ignoreBreakPoints=true, all activation steps are executed in sequence. When an activation step is complete, the ME executes the next activation step. That means there is no operator invocation when an activation step is complete. The time for observation of correct operation of the ME, after each completed step, is always monitored by a supervision timer. The invocation of activate() can be monitored by a supervision timer. If the supervision timer expires before invocation of activate() or confirm(), the activation fails and the ME falls back to state PREPARE_COMPLETED. The action returns immediately after invocation. The progress of the action can be tracked by attribute progressReport. The action returns false if the action could not start for any reason, for example, another parallel action is in progress. In all other cases, it returns true. This action can be invoked when the state is PREPARE_COMPLETED or ACTIVATION_STEP_COMPLETED. If the action is invoked in a state where the action has no meaning, ME is expected to return an error message.
`boolean`	`cancel ( );` Cancel can be invoked during any long-lasting operation. Stops the operation and restores the consistent state that existed before the long-lasting operation started. Furthermore, cancel() can also be invoked when the UP is in state WAITING_FOR_COMMIT or ACTIVATION_STEP_COMPLETED without having a long-lasting operation in progress. Calling cancel() in this state orders the ME to restore the state that existed before the activation procedure started. The action returns immediately after invocation. The consequences of the action can be tracked by attribute progressReport. The action returns false if the action is refused by the ME. If the action is invoked in a state where the action has no meaning, the ME is expected to return false. In all other cases, it returns true. This action can be invoked when the UP state is PREPARE_IN_PROGRESS, ACTIVATION_IN_PROGRESS, ACTIVATION_STEP_COMPLETED, or WAITING_FOR_COMMIT.
`boolean`	`commit ( );` Action commit is deprecated, it is recommended to use action confirm. Stops the activation supervision timer (fallback timer) and confirms the upgrade. The action returns immediately after invocation. The progress of the action can be tracked by attribute progressReport. The action returns false if the action could not start for any reason, for example, another parallel action is in progress. In all other cases, it returns true. This action can be invoked when the state is WAITING_FOR_COMMIT. The CoreMW implementation of the commit action has always been ansynchronous. This is an deviation from the ECIM SwM commit which was an synchronous action. Deprecated: Action has been removed from ECIM SWM 4.2, deprecated in CmwSwM 5.1
`boolean`	`confirm ( );` Stops the activation fallback timer and confirms the upgrade. The action returns when the synchronous action is completed. This action can be invoked when the state is WAITING_FOR_COMMIT. The action returns true on success, false on failure.
`boolean`	`prepare ( );` Prepares the Managed Element for activation of the current upgrade package. Executing prepare() does not have any negative impact on the in-service performance of the Managed Element. The action returns immediately after invocation. The progress of the action can be tracked by attribute progressReport. The action returns false if the action could not start for any reason, for example, another parallel action is in progress. In all other cases, it returns true.
`boolean`	`verify ( );` Verifies the ability to activate the current upgrade package. The action returns immediately after invocation. The progress of the action can be tracked by attribute progressReport. The action returns false if the action could not start for any reason, for example, another parallel action is in progress. In all other cases, it returns true. This action can be invoked when the state is PREPARE_COMPLETED. If the action is invoked in a state where the action has no meaning, the ME is expected to return an error message.This action can be called as an option in the whole upgrade procedure. The action can be called more than once if required.

Attributes
`int32 noNotification readOnly`	`activationFallbackTimer = -1` The activationFallbackTimer is the maximum execution time of an activation operation. The activationFallbackTimer is fetched from the packageInfo.xml. The default -1 value denotes that the activation timer is disabled.
`ActivationStep[1..] readOnly`	`activationStep` List of activation steps in the activation procedure. It is possible to stop after each step, perform supervision, and continue with the procedure.The upgrade procedure consists of at least one activation step.
`ProductData[1..] readOnly`	`administrativeData` The product identification of the software versions that are activated when an upgrade is completed. If the resulting software version after activation is unknown or uncertain, the administrativeData can be empty.
`DateTime readOnly`	`created` Date and time this Upgrade Package instance is created.
`uint16[0..1] noNotification readOnly`	`creatorActionId = 0` The Id of the action that created this UpgradePackage MO. Default value 0 shows that the ME does not record this information.
`ExecMethod[0..1] noNotification`	`execMethod` The execution method of a specific UpgradePackage.
`boolean`	`ignoreBreakPoints = true` Influences the behavior of the activate() action. False means there is a breakpoint between each activation step. Activation process stops at each breakpoint. True means execution ignores breakpoints between activation steps and instead executes the end-to-end activation process. This invokes all activation steps in sequence, assuming no errors occur.
`EcimPassword[0..1]`	`password` Password to the server that provides the UpgradePackage.
`AsyncActionProgressWithSteps[0..1] readOnly`	`reportProgress` Represents the progress report, including the result, of the ongoing action. This MO supports only one action execution at a time.
`UpgradePackageState readOnly`	`state` Current state of Upgrade Package.
`string key mandatory noNotification restricted`	`upgradePackageId` Holds the name used when identifying the MO.
`string[0..1]`	`uri` A URI that points to the directory where the UP can be found. The URI can be local, for example, file://data/dir/subdir. It can also be remote, for example, ftp://hostname/dir/subdir.
`string[0..1]`	`userLabel` Free-text description of the Upgrade Package.

class UpgradePackage

class UserAccount

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-UserAccountM

+-UserAccount

+-SshPublicKey [0..1]

Represents a user account.

The O&M users need to authenticate to a UserAccount MO to access the ME.

References to:: AccountPolicy; PasswordPolicy;

Actions
`void`	`removePassword ( );` Removes the password from the account.
`void`	`resetPassword ( EcimPasswordString password , EcimEmpty noChange );` Resets the password of the account. The reset of the password requires the user authenticating to this account to change the password and the passwordState is set to EXPIRED_MUSTCHANGE. The password is only usable for a grace period. If the noChange parameter was provided, the passwordState is set to VALID and no forced change is required. The action returns an error if the password does not match the configured quality criteria. Check the configured PasswordQuality MO for more details. Parameters Name: password Description: The new password for this user account. Name: noChange Description: Indicates that no forced password change is needed at first login to this account.
`void`	`unlockOperationalLock ( );` Unlocks an account after an operational lock set by the ME. The ME may lock an account automatically based on the associated password policy or the account policy. The action should be called if the administrativeState is UNLOCKED but the accountState is LOCKED. The action returns an error if the account is LOCKED by administrativeState or the passwordState is EXPIRED. If the accountUsageState is DORMANT, the lastLoginTime attribute is cleared and the accountUsageState becomes UNUSED.

Attributes
`AccountPolicy mandatory`	`accountPolicy` The account policy. Refers to the DN of an AccountPolicy MO.
`AccountState readOnly`	`accountState` The state of the account. In LOCKED state, users are not able to authenticate to this account. In UNLOCKED state, users are able to authenticate to this account. Automatic operational locking and unlocking of the user account changes the account state to LOCKED or UNLOCKED, respectively. Automatic lock can be placed due to failed login attempts, expired password, or dormant account. Manual locking and unlocking performed by the attribute administrativeState is also reflected by the account state. A manual lock has precedence over an automatic lock, thus enabling an account must always start with checking the value of the administrativeState attribute and setting it UNLOCKED. If already UNLOCKED and the account state is LOCKED, the ME automatically locked the account, unlockOperationalLock must be invoked for unlock.
`AccountUsageState readOnly`	`accountUsageState` The state of the account based on user activity. The account is DORMANT if the system time passes the value of the lastLogin attribute plus the dormantTimer, thus indicating lock due to account inactivity. When the account is DORMANT the account gets locked by changing accountState to LOCKED. The account is UNUSED when no successful authentication was performed to it. The account is ACTIVE in all other cases.
`BasicAdmState`	`administrativeState = LOCKED` The administrative state of the account. Specifies the state of the account based on administration performed by the MS. If set to UNLOCKED but accountState is LOCKED, unlockOperationalLock must be invoked.
`DateTime[0..1] readOnly`	`lastLoginTime` The date of the last successful login.
`DateTime[0..1] readOnly`	`lockedTime` The time the account was locked. Specifies the time the account was locked regardless if that was due to an administrative lock or an automatic operational lock. The value is cleared when the account is unlocked.
`DateTime[0..1] readOnly`	`passwordChangedTime` The time the password was last changed or reset. Has no value if the password is not set.
`DateTime[0..] nonUnique noNotification readOnly`	`passwordFailureTimes` Dates of failed login attempts. The list of dates when a user tried to authenticate to this account and failed. The attribute can be reset by a successful authentication, by the resetPassword action, or by the removePassword action. The dates outside the time-window set by failureCountInterval of the configured PasswordPolicy MO are removed.
`PasswordPolicy mandatory`	`passwordPolicy` The password policy. Refers to the DN of a PasswordPolicy MO.
`PasswordState[0..1] readOnly`	`passwordState` The state of the password. Has no value if the password is not initialized by resetPassword action after creating the account or the password was removed; thus, no password is set. If the state is EXPIRED_MUSTCHANGE the password must be changed by the user at login. After a grace period the state turns to EXPIRED and the account becomes LOCKED; only the MS can reset the password in that state.
`RoleString[0..]`	`roles` The authorization profile of the user account. List the roles of the account for Role Based Access Control. The user authenticating to this account will receive the permissions defined in an authorization model.
`AccountIdString key mandatory noNotification restricted`	`userAccountId` The user ID to be provided at authentication.
`string[0..1]`	`userLabel` An additional descriptive text.
`string[0..1]`	`userName` The full name of the user assigned to the account.

class UserAccount

class UserAccountM

..

+-SystemFunctions

+-SecM

+-UserManagement

+-LocalAuthenticationMethod

+-UserAccountM

+-UserAccount [0..]

Contains and enables the management of O&M user accounts.

This MO is created by the system.

Attributes
`string key mandatory noNotification restricted`	`userAccountMId` The value component of the RDN.

class UserAccountM

class UserManagement

..

+-SystemFunctions

+-SecM

+-UserManagement

+-AuthenticationOrder [0..1]

+-AuthorizationOrder [0..1]

+-LdapAuthenticationMethod [1..1]

+-LocalAuthenticationMethod [1..1]

+-LocalAuthorizationMethod [1..1]

User Management MOC.

This MO is created by the system.

Attributes
`string[0..] nonUnique`	`targetType` Lists the target types of the ME for Target Based Access Control (TBAC). This attribute is optional for Authentication Methods that require TBAC configuration. Authentication Methods use TBAC to determine the following: whether a user can be authorized in the ME, and which authorization profiles apply to the user in the ME, based on the target types specified in this attribute. This attribute can contain any classifier string for the ME such as geographical, for example: 'stockholm', network, for example 'ims', or functional identifiers, for example 'cscf', and any combination of these. The generic behavior of TBAC for authorization is as follows: TBAC is LOCKED in the ME: authorization is performed without TBAC. TBAC is UNLOCKED in the ME: authorization is performed if the targets that the user is provided with exactly match at least one string of configured target types. Otherwise, authorization fails. Determining the authorization profiles of the user is specific per Authentication Method. The LOCKED and UNLOCKED states of TBAC in the ME are controlled by the Authentication Methods. Example value: 'cscf.ims.stockholm'.
`string[0..1]`	`userLabel` An additional descriptive text.
`string key mandatory noNotification restricted`	`userManagementId` The value component of the RDN.

class UserManagement

..

+-SystemFunctions

+-SecM

+-UserManagement

User Management MOC.

This MO is created by the system.

Attributes
`string[0..1]`	`legalNotice = IF YOU ARE NOT AN AUTHORIZED USER, PLEASE EXIT IMMEDIATELY` The legal notice presented to the user when starting an O&M session. The message is presented to the client before authentication takes place. Depends on the client capability and configuration if the message is presented to the O&M user. The O&M user may receive this information before authentication if the authentication is password based; otherwise, it is perceived as post-authentication message. The purpose of the message is to warn the user about the consequences of unauthorized access. No value means there is no legal notice.
`uint8[0..1]`	`loginFailureDelay = 5 { 1..255 }` Delay after a failed login attempt in seconds. No value means no delay. Unit: 1 seconds
`string[0..] nonUnique`	`targetType` Lists the target types of the ME for Target Based Access Control (TBAC). This attribute is optional for Authentication Methods that require TBAC configuration. Authentication Methods use TBAC to determine the following: whether a user can be authorized in the ME, and which authorization profiles apply to the user in the ME, based on the target types specified in this attribute. This attribute can contain any classifier string for the ME such as geographical, for example: 'stockholm', network, for example 'ims', or functional identifiers, for example 'cscf', and any combination of these. The generic behavior of TBAC for authorization is as follows: TBAC is LOCKED in the ME: authorization is performed without TBAC. TBAC is UNLOCKED in the ME: authorization is performed if the targets that the user is provided with exactly match at least one string of configured target types. Otherwise, authorization fails. Determining the authorization profiles of the user is specific per Authentication Method. The LOCKED and UNLOCKED states of TBAC in the ME are controlled by the Authentication Methods. Example value: 'cscf.ims.stockholm'. Valid values: ^(\\\\[a-fA-F0-9]{2}\|[A-Za-z0-9!$%&'./:=?@^_`{\|}~-])((\\\\[a-fA-F0-9]{2}\|[A-Za-z0-9!$%&'./:=?@^_`{\|}~# -])*(\\\\[a-fA-F0-9]{2}\|[A-Za-z0-9!$%&'./:=?@^_`{\|}~#-]))?$
`string[0..1]`	`userLabel` An additional descriptive text.
`string key mandatory noNotification restricted`	`userManagementId` The value component of the RDN.

class UserManagement

class WiFiMMService

ManagedElement

+-IpworksFunction

+-IPWorksAAARoot

+-IPWorksDiameterAAARoot

+-DiameterAAAService

+-WiFiMMService

Configuration for WiFi mobility management.

Attributes
`boolean`	`checkAnonymousProxy = false` Disable/Enable the checking if the UE-Local-IP-Address belongs to anonymous proxy for Mobility Management feature. false: Disable true: Enable When it is enabled, "MCC for anonymous proxy in WiFi Mobility Management"will be used as the Visited-Network-Identifier in MAR message to HSS if user is accessing the network through an anonymous proxy. The default value is false(disable). Takes effect: After next restart
`uint16`	`maxAgeOfLocation = 120 { 0..65535 }` A threshold measured in minutes. If the Age of Location in ATI Response is greater than the threshold, AAA server ignores this user location from HLR. The default value is 120. Unit: 1 minute Takes effect: After next restart
`string[0..1]`	`mcc4AnonymousProxy = 777 [ 3 ]` The specific MCC for anonymous proxy in WiFi Mobility Management. Takes effect: After next restart Valid values: [0-9]{3}
`string`	`mcc4HPLMN = 999 [ 3 ]` MCC of Home PLMN in WiFi Mobility Management. Takes effect: After next restart Valid values: [0-9]{3}
`string`	`mcc4UnknownUserLocation = 888 [ 3 ]` Default MCC for WiFi Mobility Management. It is used if the user location is unknown. Configure this parameter if AAA server gets user location from Geography IP database or from 3GPP CS network. Takes effect: After next restart Valid values: [0-9]{3}
`WIFIMMOPTION`	`option = WIFIMM_DISABLE` WiFi Mobility Management Option: DISABLE(0): Disable WiFi Mobility Management feature GEOIP_ONLY(1): Get user location from Geography IP database only CS_LOCATION_ONLY(2): Get user location from 3GPP CS network only PREFER_GEOIP(3): Prefer user location from Geography IP database PREFER_3GPP_CS_LOCATION(4): Prefer user location from 3GPP CS network The default value is 0. Takes effect: After next restart
`string`	`specialMNC = 999 [ 2..3 ]` The specific MNC for WiFi Mobility Management, which is negotiated with HSS. Takes effect: After next restart
`string key mandatory noNotification restricted`	`wifiMMServiceId` The value component of the RDN.

class WiFiMMService

Managed Object Model (MOM)

All PM Counters

Contents

Managed Object Model

(MOM)