#line 1 "C:\\WINDOWS\\SYSTEM32\\WBEM\\EN-US\\WFASCIM.MFL" #pragma classflags("safeupdate") #pragma autorecover #pragma namespace("\\\\.\\root\\standardcimv2") instance of __namespace{ name="MS_409";}; #pragma namespace("\\\\.\\root\\standardcimv2\\MS_409") [Version("2.7.0") : Amended,Description("CIM_Component is a generic association used to establish \\'part of\\' relationships between Managed Elements. For example, it could be used to define the components or parts of a System.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class CIM_Component { [key,Description("The parent element in the association.") : Amended ToSubclass] CIM_ManagedElement Ref GroupComponent; [key,Description("The child element in the association.") : Amended ToSubclass] CIM_ManagedElement Ref PartComponent; }; [Version("2.19.0") : Amended,Description("ManagedElement is an abstract class that provides a common superclass (or top of the inheritance tree) for the non-association classes in the CIM Schema.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class CIM_ManagedElement { [Description("InstanceID is an optional property that may be used to opaquely and uniquely identify an instance of this class within the scope of the instantiating Namespace. Various subclasses of this class may override this property to make it required, or a key. Such subclasses may also modify the preferred algorithms for ensuring uniqueness that are defined below.\nTo ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following \"preferred\" algorithm: \n: \nWhere and are separated by a colon (:), and where must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness, must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between and . \n is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If not null and the above \"preferred\" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance. \nIf not set to null for DMTF-defined instances, the \"preferred\" algorithm must be used with the set to CIM.") : Amended ToSubclass] string InstanceID; [Description("The Caption property is a short textual description (one- line string) of the object.") : Amended ToSubclass] string Caption; [Description("The Description property provides a textual description of the object.") : Amended ToSubclass] string Description; [Description("A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties, identity data, and description information. \nNote that the Name property of ManagedSystemElement is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user-friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information can be present in both the Name and ElementName properties. Note that if there is an associated instance of CIM_EnabledLogicalElementCapabilities, restrictions on this properties may exist as defined in ElementNameMask and MaxElementNameLen properties defined in that class.") : Amended ToSubclass] string ElementName; }; [Description("CIM_ManagedSystemElement is the base class for the System Element hierarchy. Any distinguishable component of a System is a candidate for inclusion in this class. Examples of system components include: \n- software components such as application servers, databases, and applications \n- operating system components such as files, processes, and threads \n- device components such as disk drives, controllers, processors, and printers \n- physical components such as chips and cards.") : Amended ToSubclass,Version("2.22.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_ManagedSystemElement : CIM_ManagedElement { [Description("A datetime value that indicates when the object was installed. Lack of a value does not indicate that the object is not installed.") : Amended ToSubclass] datetime InstallDate; [Description("The Name property defines the label by which the object is known. When subclassed, the Name property can be overridden to be a Key property.") : Amended ToSubclass] string Name; [Description("Indicates the current statuses of the element. Various operational statuses are defined. Many of the enumeration\\'s values are self-explanatory. However, a few are not and are described here in more detail. \n\"Stressed\" indicates that the element is functioning, but needs attention. Examples of \"Stressed\" states are overload, overheated, and so on. \n\"Predictive Failure\" indicates that an element is functioning nominally but predicting a failure in the near future. \n\"In Service\" describes an element being configured, maintained, cleaned, or otherwise administered. \n\"No Contact\" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it. \n\"Lost Communication\" indicates that the ManagedSystem Element is known to exist and has been contacted successfully in the past, but is currently unreachable. \n\"Stopped\" and \"Aborted\" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the state and configuration of the element might need to be updated. \n\"Dormant\" indicates that the element is inactive or quiesced. \n\"Supporting Entity in Error\" indicates that this element might be \"OK\" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower-layer networking problems. \n\"Completed\" indicates that the element has completed its operation. This value should be combined with either OK, Error, or Degraded so that a client can tell if the complete operation Completed with OK (passed), Completed with Error (failed), or Completed with Degraded (the operation finished, but it did not complete OK or did not report an error). \n\"Power Mode\" indicates that the element has additional power model information contained in the Associated PowerManagementService association. \nOperationalStatus replaces the Status property on ManagedSystemElement to provide a consistent approach to enumerations, to address implementation needs for an array property, and to provide a migration path from today\\'s environment to the future. This change was not made earlier because it required the deprecated qualifier. Due to the widespread use of the existing Status property in management applications, it is strongly recommended that providers or instrumentation provide both the Status and OperationalStatus properties. Further, the first value of OperationalStatus should contain the primary status for the element. When instrumented, Status (because it is single-valued) should also provide the primary status of the element.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("Strings describing the various OperationalStatus array values. For example, if \"Stopping\" is the value assigned to OperationalStatus, then this property may contain an explanation as to why an object is being stopped. Note that entries in this array are correlated with those at the same array index in OperationalStatus.") : Amended ToSubclass] string StatusDescriptions[]; [Description("A string indicating the current status of the object. Various operational and non-operational statuses are defined. This property is deprecated in lieu of OperationalStatus, which includes the same semantics in its enumeration. This change is made for 3 reasons: \n1) Status is more correctly defined as an array. This definition overcomes the limitation of describing status using a single value, when it is really a multi-valued property (for example, an element might be OK AND Stopped. \n2) A MaxLen of 10 is too restrictive and leads to unclear enumerated values. \n3) The change to a uint16 data type was discussed when CIM V2.0 was defined. However, existing V1.0 implementations used the string property and did not want to modify their code. Therefore, Status was grandfathered into the Schema. Use of the deprecated qualifier allows the maintenance of the existing property, but also permits an improved definition using OperationalStatus.") : Amended ToSubclass] string Status; [Description("Indicates the current health of the element. This attribute expresses the health of this element but not necessarily that of its subcomponents. The possible values are 0 to 30, where 5 means the element is entirely healthy and 30 means the element is completely non-functional. The following continuum is defined: \n\"Non-recoverable Error\" (30) - The element has completely failed, and recovery is not possible. All functionality provided by this element has been lost. \n\"Critical Failure\" (25) - The element is non-functional and recovery might not be possible. \n\"Major Failure\" (20) - The element is failing. It is possible that some or all of the functionality of this component is degraded or not working. \n\"Minor Failure\" (15) - All functionality is available but some might be degraded. \n\"Degraded/Warning\" (10) - The element is in working order and all functionality is provided. However, the element is not working to the best of its abilities. For example, the element might not be operating at optimal performance or it might be reporting recoverable errors. \n\"OK\" (5) - The element is fully functional and is operating within normal operational parameters and without error. \n\"Unknown\" (0) - The implementation cannot report on HealthState at this time. \nDMTF has reserved the unused portion of the continuum for additional HealthStates in the future.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("CommunicationStatus indicates the ability of the instrumentation to communicate with the underlying ManagedElement. CommunicationStatus consists of one of the following values: Unknown, None, Communication OK, Lost Communication, or No Contact. \nA Null return indicates the implementation (provider) does not implement this property. \n\"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"Not Available\" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). \n\"Communication OK \" indicates communication is established with the element, but does not convey any quality of service. \n\"No Contact\" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it. \n\"Lost Communication\" indicates that the Managed Element is known to exist and has been contacted successfully in the past, but is currently unreachable.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("DetailedStatus compliments PrimaryStatus with additional status detail. It consists of one of the following values: Not Available, No Additional Information, Stressed, Predictive Failure, Error, Non-Recoverable Error, SupportingEntityInError. Detailed status is used to expand upon the PrimaryStatus of the element. \nA Null return indicates the implementation (provider) does not implement this property. \n\"Not Available\" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). \n\"No Additional Information\" indicates that the element is functioning normally as indicated by PrimaryStatus = \"OK\". \n\"Stressed\" indicates that the element is functioning, but needs attention. Examples of \"Stressed\" states are overload, overheated, and so on. \n\"Predictive Failure\" indicates that an element is functioning normally but a failure is predicted in the near future. \n\"Non-Recoverable Error \" indicates that this element is in an error condition that requires human intervention. \n\"Supporting Entity in Error\" indicates that this element might be \"OK\" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower-layer networking problems.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("OperatingStatus provides a current status value for the operational condition of the element and can be used for providing more detail with respect to the value of EnabledState. It can also provide the transitional states when an element is transitioning from one state to another, such as when an element is transitioning between EnabledState and RequestedState, as well as other transitional conditions.\nOperatingStatus consists of one of the following values: Unknown, Not Available, In Service, Starting, Stopping, Stopped, Aborted, Dormant, Completed, Migrating, Emmigrating, Immigrating, Snapshotting. Shutting Down, In Test \nA Null return indicates the implementation (provider) does not implement this property. \n\"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"None\" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). \n\"Servicing\" describes an element being configured, maintained, cleaned, or otherwise administered. \n\"Starting\" describes an element being initialized. \n\"Stopping\" describes an element being brought to an orderly stop. \n\"Stopped\" and \"Aborted\" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the state and configuration of the element might need to be updated. \n\"Dormant\" indicates that the element is inactive or quiesced. \n\"Completed\" indicates that the element has completed its operation. This value should be combined with either OK, Error, or Degraded in the PrimaryStatus so that a client can tell if the complete operation Completed with OK (passed), Completed with Error (failed), or Completed with Degraded (the operation finished, but it did not complete OK or did not report an error). \n\"Migrating\" element is being moved between host elements. \n\"Immigrating\" element is being moved to new host element. \n\"Emigrating\" element is being moved away from host element. \n\"Shutting Down\" describes an element being brought to an abrupt stop. \n\"In Test\" element is performing test functions. \n\"Transitioning\" describes an element that is between states, that is, it is not fully available in either its previous state or its next state. This value should be used if other values indicating a transition to a specific state are not applicable.\n\"In Service\" describes an element that is in service and operational.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; }; [Description("CIM_LogicalElement is a base class for all the components of a System that represent abstract system components, such as Files, Processes, or LogicalDevices.") : Amended ToSubclass,Version("2.6.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_LogicalElement : CIM_ManagedSystemElement { }; [Description("A Job is a LogicalElement that represents an executing unit of work, such as a script or a print job. A Job is distinct from a Process in that a Job can be scheduled or queued, and its execution is not limited to a single system.") : Amended ToSubclass,Version("2.10.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_Job : CIM_LogicalElement { [Description("A free-form string that represents the status of the job. The primary status is reflected in the inherited OperationalStatus property. JobStatus provides additional, implementation-specific details.") : Amended ToSubclass] string JobStatus; [Description("The time that the Job was submitted to execute. A value of all zeroes indicates that the owning element is not capable of reporting a date and time. Therefore, the ScheduledStartTime and StartTime are reported as intervals relative to the time their values are requested.") : Amended ToSubclass] datetime TimeSubmitted; [Description("The time that the current Job is scheduled to start. This time can be represented by the actual date and time, or an interval relative to the time that this property is requested. A value of all zeroes indicates that the Job is already executing. The property is deprecated in lieu of the more expressive scheduling properties, RunMonth, RunDay, RunDayOfWeek, and RunStartInterval.") : Amended ToSubclass] datetime ScheduledStartTime; [Description("The time that the Job was actually started. This time can be represented by an actual date and time, or by an interval relative to the time that this property is requested. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \\'last\\' run time can be stored in this single-valued property.") : Amended ToSubclass] datetime StartTime; [Description("The time interval that the Job has been executing or the total execution time if the Job is complete. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \\'last\\' run time can be stored in this single-valued property.") : Amended ToSubclass] datetime ElapsedTime; [Description("The number of times that the Job should be run. A value of 1 indicates that the Job is not recurring, while any non-zero value indicates a limit to the number of times that the Job will recur. Zero indicates that there is no limit to the number of times that the Job can be processed, but that it is terminated either after the UntilTime or by manual intervention. By default, a Job is processed once.") : Amended ToSubclass] uint32 JobRunTimes; [Description("The month during which the Job should be processed. Specify 0 for January, 1 for February, and so on.") : Amended ToSubclass,Values{"January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December"} : Amended ToSubclass] uint8 RunMonth; [Description("The day in the month on which the Job should be processed. There are two different interpretations for this property, depending on the value of DayOfWeek. In one case, RunDay defines the day-in-month on which the Job is processed. This interpretation is used when the DayOfWeek is 0. A positive or negative integer indicates whether the RunDay should be calculated from the beginning or end of the month. For example, 5 indicates the fifth day in the RunMonth and -1 indicates the last day in the RunMonth. \n\nWhen RunDayOfWeek is not 0, RunDay is the day-in-month on which the Job is processed, defined in conjunction with RunDayOfWeek. For example, if RunDay is 15 and RunDayOfWeek is Saturday, then the Job is processed on the first Saturday on or after the 15th day in the RunMonth (for example, the third Saturday in the month). If RunDay is 20 and RunDayOfWeek is -Saturday, then this indicates the first Saturday on or before the 20th day in the RunMonth. If RunDay is -1 and RunDayOfWeek is -Sunday, then this indicates the last Sunday in the RunMonth.") : Amended ToSubclass] sint8 RunDay; [Description("A positive or negative integer used in conjunction with RunDay to indicate the day of the week on which the Job is processed. RunDayOfWeek is set to 0 to indicate an exact day of the month, such as March 1. A positive integer (representing Sunday, Monday, ..., Saturday) means that the day of week is found on or after the specified RunDay. A negative integer (representing -Sunday, -Monday, ..., -Saturday) means that the day of week is found on or BEFORE the RunDay.") : Amended ToSubclass,Values{"-Saturday", "-Friday", "-Thursday", "-Wednesday", "-Tuesday", "-Monday", "-Sunday", "ExactDayOfMonth", "Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday"} : Amended ToSubclass] sint8 RunDayOfWeek; [Description("The time interval after midnight when the Job should be processed. For example, \n00000000020000.000000:000 \nindicates that the Job should be run on or after two o\\'clock, local time or UTC time (distinguished using the LocalOrUtcTime property.") : Amended ToSubclass] datetime RunStartInterval; [Description("This property indicates whether the times represented in the RunStartInterval and UntilTime properties represent local times or UTC times. Time values are synchronized worldwide by using the enumeration value 2, \"UTC Time\".") : Amended ToSubclass,Values{"Local Time", "UTC Time"} : Amended ToSubclass] uint16 LocalOrUtcTime; [Description("The time after which the Job is invalid or should be stopped. This time can be represented by an actual date and time, or by an interval relative to the time that this property is requested. A value of all nines indicates that the Job can run indefinitely.") : Amended ToSubclass] datetime UntilTime; [Description("The User who is to be notified upon the Job completion or failure.") : Amended ToSubclass] string Notify; [Description("The User that submitted the Job, or the Service or method name that caused the job to be created.") : Amended ToSubclass] string Owner; [Description("Indicates the urgency or importance of execution of the Job. The lower the number, the higher the priority. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the setting information that would influence the results of a job.") : Amended ToSubclass] uint32 Priority; [Description("The percentage of the job that has completed at the time that this value is requested. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \\'last\\' run data can be stored in this single-valued property. \nNote that the value 101 is undefined and will be not be allowed in the next major revision of the specification.") : Amended ToSubclass,Units("Percent") : Amended ToSubclass] uint16 PercentComplete; [Description("Indicates whether or not the job should be automatically deleted upon completion. Note that the \\'completion\\' of a recurring job is defined by its JobRunTimes or UntilTime properties, or when the Job is terminated by manual intervention. If this property is set to false and the job completes, then the extrinsic method DeleteInstance must be used to delete the job instead of updating this property.") : Amended ToSubclass] boolean DeleteOnCompletion; [Description("A vendor-specific error code. The value must be set to zero if the Job completed without error. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \\'last\\' run error can be stored in this single-valued property.") : Amended ToSubclass] uint16 ErrorCode; [Description("A free-form string that contains the vendor error description. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \\'last\\' run error can be stored in this single-valued property.") : Amended ToSubclass] string ErrorDescription; [Description("Describes the recovery action to be taken for an unsuccessfully run Job. The possible values are: \n0 = \"Unknown\", meaning it is unknown as to what recovery action to take \n1 = \"Other\", indicating that the recovery action will be specified in the OtherRecoveryAction property \n2 = \"Do Not Continue\", meaning stop the execution of the job and appropriately update its status \n3 = \"Continue With Next Job\", meaning continue with the next job in the queue \n4 = \"Re-run Job\", indicating that the job should be re-run \n5 = \"Run Recovery Job\", meaning run the Job associated using the RecoveryJob relationship. Note that the recovery Job must already be in the queue from which it will run.") : Amended ToSubclass,Values{"Unknown", "Other", "Do Not Continue", "Continue With Next Job", "Re-run Job", "Run Recovery Job"} : Amended ToSubclass] uint16 RecoveryAction; [Description("A string describing the recovery action when the RecoveryAction property of the instance is 1 (\"Other\").") : Amended ToSubclass] string OtherRecoveryAction; [Description("KillJob is being deprecated because there is no distinction made between an orderly shutdown and an immediate kill. CIM_ConcreteJob.RequestStateChange() provides \\'Terminate\\' and \\'Kill\\' options to allow this distinction. \nA method to kill this job and any underlying processes, and to remove any \\'dangling\\' associations.") : Amended ToSubclass,Values{"Success", "Not Supported", "Unknown", "Timeout", "Failed", "Access Denied", "Not Found", "DMTF Reserved", "Vendor Specific"} : Amended ToSubclass] uint32 KillJob([In,Description("Indicates whether or not the Job should be automatically deleted upon termination. This parameter takes precedence over the property, DeleteOnCompletion.") : Amended ToSubclass] boolean DeleteOnKill); }; [Description("A concrete version of Job. This class represents a generic and instantiable unit of work, such as a batch or a print job.") : Amended ToSubclass,Version("2.22.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_ConcreteJob : CIM_Job { [Description("Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. In order to ensure uniqueness within the NameSpace, the value of InstanceID SHOULD be constructed using the following \\'preferred\\' algorithm: \n: \nWhere and are separated by a colon \\':\\', and where must include a copyrighted, trademarked or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID, or that is a registered ID that is assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness must not contain a colon (\\':\\'). When using this algorithm, the first colon to appear in InstanceID must appear between and . \n is chosen by the business entity and should not be re-used to identify different underlying (real-world) elements. If the above \\'preferred\\' algorithm is not used, the defining entity must assure that the resulting InstanceID is not re-used across any InstanceIDs produced by this or other providers for the NameSpace of this instance. \nFor DMTF defined instances, the \\'preferred\\' algorithm must be used with the set to \\'CIM\\'.") : Amended ToSubclass,key] string InstanceID; [Description("The user-friendly name for this instance of a Job. In addition, the user-friendly name can be used as a property for a search or query. (Note: Name does not have to be unique within a namespace.)") : Amended ToSubclass] string Name; [Description("JobState is an integer enumeration that indicates the operational state of a Job. It can also indicate transitions between these states, for example, \\'Shutting Down\\' and \\'Starting\\'. Following is a brief description of the states: \nNew (2) indicates that the job has never been started. \nStarting (3) indicates that the job is moving from the \\'New\\', \\'Suspended\\', or \\'Service\\' states into the \\'Running\\' state. \nRunning (4) indicates that the Job is running. \nSuspended (5) indicates that the Job is stopped, but can be restarted in a seamless manner. \nShutting Down (6) indicates that the job is moving to a \\'Completed\\', \\'Terminated\\', or \\'Killed\\' state. \nCompleted (7) indicates that the job has completed normally. \nTerminated (8) indicates that the job has been stopped by a \\'Terminate\\' state change request. The job and all its underlying processes are ended and can be restarted (this is job-specific) only as a new job. \nKilled (9) indicates that the job has been stopped by a \\'Kill\\' state change request. Underlying processes might have been left running, and cleanup might be required to free up resources. \nException (10) indicates that the Job is in an abnormal state that might be indicative of an error condition. Actual status might be displayed though job-specific objects. \nService (11) indicates that the Job is in a vendor-specific state that supports problem discovery, or resolution, or both.\nQuery pending (12) waiting for a client to resolve a query") : Amended ToSubclass,Values{"New", "Starting", "Running", "Suspended", "Shutting Down", "Completed", "Terminated", "Killed", "Exception", "Service", "Query Pending", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 JobState; [Description("The date or time when the state of the Job last changed. If the state of the Job has not changed and this property is populated, then it must be set to a 0 interval value. If a state change was requested, but rejected or not yet processed, the property must not be updated.") : Amended ToSubclass] datetime TimeOfLastStateChange; [Description("The amount of time that the Job is retained after it has finished executing, either succeeding or failing in that execution. The job must remain in existence for some period of time regardless of the value of the DeleteOnCompletion property. \nThe default is five minutes.") : Amended ToSubclass] datetime TimeBeforeRemoval; [Description("Requests that the state of the job be changed to the value specified in the RequestedState parameter. Invoking the RequestStateChange method multiple times could result in earlier requests being overwritten or lost. \nIf 0 is returned, then the task completed successfully. Any other return code indicates an error condition.") : Amended ToSubclass,Values{"Completed with No Error", "Not Supported", "Unknown/Unspecified Error", "Can NOT complete within Timeout Period", "Failed", "Invalid Parameter", "In Use", "DMTF Reserved", "Method Parameters Checked - Transition Started", "Invalid State Transition", "Use of Timeout Parameter Not Supported", "Busy", "Method Reserved", "Vendor Specific"} : Amended ToSubclass] uint32 RequestStateChange([In,Description("RequestStateChange changes the state of a job. The possible values are as follows: \nStart (2) changes the state to \\'Running\\'. \nSuspend (3) stops the job temporarily. The intention is to subsequently restart the job with \\'Start\\'. It might be possible to enter the \\'Service\\' state while suspended. (This is job-specific.) \nTerminate (4) stops the job cleanly, saving data, preserving the state, and shutting down all underlying processes in an orderly manner. \nKill (5) terminates the job immediately with no requirement to save data or preserve the state. \nService (6) puts the job into a vendor-specific service state. It might be possible to restart the job.") : Amended ToSubclass,Values{"Start", "Suspend", "Terminate", "Kill", "Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 RequestedState,[In,Description("A timeout period that specifies the maximum amount of time that the client expects the transition to the new state to take. The interval format must be used to specify the TimeoutPeriod. A value of 0 or a null parameter indicates that the client has no time requirements for the transition. \nIf this property does not contain 0 or null and the implementation does not support this parameter, a return code of \\'Use Of Timeout Parameter Not Supported\\' must be returned.") : Amended ToSubclass] datetime TimeoutPeriod); [Description("When the job is executing or has terminated without error, then this method returns no CIM_Error instance. However, if the job has failed because of some internal problem or because the job has been terminated by a client, then a CIM_Error instance is returned.") : Amended ToSubclass,Values{"Success", "Not Supported", "Unspecified Error", "Timeout", "Failed", "Invalid Parameter", "Access Denied", "DMTF Reserved", "Vendor Specific"} : Amended ToSubclass] uint32 GetError([Out,Description("If the OperationalStatus on the Job is not \"OK\", then this method will return a CIM Error instance. Otherwise, when the Job is \"OK\", null is returned.") : Amended ToSubclass] CIM_Error Error); }; [Version("2.10.0") : Amended,Description("CIM_Dependency is a generic association used to establish dependency relationships between ManagedElements.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class CIM_Dependency { [key,Description("Antecedent represents the independent object in this association.") : Amended ToSubclass] CIM_ManagedElement Ref Antecedent; [key,Description("Dependent represents the object that is dependent on the Antecedent.") : Amended ToSubclass] CIM_ManagedElement Ref Dependent; }; [Description("This class extends LogicalElement to abstract the concept of an element that is enabled and disabled, such as a LogicalDevice or a ServiceAccessPoint.") : Amended ToSubclass,Version("2.22.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_EnabledLogicalElement : CIM_LogicalElement { [Description("EnabledState is an integer enumeration that indicates the enabled and disabled states of an element. It can also indicate the transitions between these requested states. For example, shutting down (value=4) and starting (value=10) are transient states between enabled and disabled. The following text briefly summarizes the various enabled and disabled states: \nEnabled (2) indicates that the element is or could be executing commands, will process any queued commands, and queues new requests. \nDisabled (3) indicates that the element will not execute commands and will drop any new requests. \nShutting Down (4) indicates that the element is in the process of going to a Disabled state. \nNot Applicable (5) indicates the element does not support being enabled or disabled. \nEnabled but Offline (6) indicates that the element might be completing commands, and will drop any new requests. \nTest (7) indicates that the element is in a test state. \nDeferred (8) indicates that the element might be completing commands, but will queue any new requests. \nQuiesce (9) indicates that the element is enabled but in a restricted mode.\nStarting (10) indicates that the element is in the process of going to an Enabled state. New requests are queued.") : Amended ToSubclass,Values{"Unknown", "Other", "Enabled", "Disabled", "Shutting Down", "Not Applicable", "Enabled but Offline", "In Test", "Deferred", "Quiesce", "Starting", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 EnabledState; [Description("A string that describes the enabled or disabled state of the element when the EnabledState property is set to 1 (\"Other\"). This property must be set to null when EnabledState is any value other than 1.") : Amended ToSubclass] string OtherEnabledState; [Description("RequestedState is an integer enumeration that indicates the last requested or desired state for the element, irrespective of the mechanism through which it was requested. The actual state of the element is represented by EnabledState. This property is provided to compare the last requested and current enabled or disabled states. Note that when EnabledState is set to 5 (\"Not Applicable\"), then this property has no meaning. Refer to the EnabledState property description for explanations of the values in the RequestedState enumeration. \n\"Unknown\" (0) indicates the last requested state for the element is unknown.\nNote that the value \"No Change\" (5) has been deprecated in lieu of indicating the last requested state is \"Unknown\" (0). If the last requested or desired state is unknown, RequestedState should have the value \"Unknown\" (0), but may have the value \"No Change\" (5).Offline (6) indicates that the element has been requested to transition to the Enabled but Offline EnabledState. \nIt should be noted that there are two new values in RequestedState that build on the statuses of EnabledState. These are \"Reboot\" (10) and \"Reset\" (11). Reboot refers to doing a \"Shut Down\" and then moving to an \"Enabled\" state. Reset indicates that the element is first \"Disabled\" and then \"Enabled\". The distinction between requesting \"Shut Down\" and \"Disabled\" should also be noted. Shut Down requests an orderly transition to the Disabled state, and might involve removing power, to completely erase any existing state. The Disabled state requests an immediate disabling of the element, such that it will not execute or accept any commands or processing requests. \n\nThis property is set as the result of a method invocation (such as Start or StopService on CIM_Service), or can be overridden and defined as WRITEable in a subclass. The method approach is considered superior to a WRITEable property, because it allows an explicit invocation of the operation and the return of a result code. \n\nIf knowledge of the last RequestedState is not supported for the EnabledLogicalElement, the property shall be NULL or have the value 12 \"Not Applicable\".") : Amended ToSubclass,Values{"Unknown", "Enabled", "Disabled", "Shut Down", "No Change", "Offline", "Test", "Deferred", "Quiesce", "Reboot", "Reset", "Not Applicable", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 RequestedState; [Description("An enumerated value indicating an administrator\\'s default or startup configuration for the Enabled State of an element. By default, the element is \"Enabled\" (value=2).") : Amended ToSubclass,Values{"Enabled", "Disabled", "Not Applicable", "Enabled but Offline", "No Default", "Quiesce", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 EnabledDefault; [Description("The date or time when the EnabledState of the element last changed. If the state of the element has not changed and this property is populated, then it must be set to a 0 interval value. If a state change was requested, but rejected or not yet processed, the property must not be updated.") : Amended ToSubclass] datetime TimeOfLastStateChange; [Description("AvailableRequestedStates indicates the possible values for the RequestedState parameter of the method RequestStateChange, used to initiate a state change. The values listed shall be a subset of the values contained in the RequestedStatesSupported property of the associated instance of CIM_EnabledLogicalElementCapabilities where the values selected are a function of the current state of the CIM_EnabledLogicalElement. This property may be non-null if an implementation is able to advertise the set of possible values as a function of the current state. This property shall be null if an implementation is unable to determine the set of possible values as a function of the current state.") : Amended ToSubclass,Values{"Enabled", "Disabled", "Shut Down", "Offline", "Test", "Defer", "Quiesce", "Reboot", "Reset", "DMTF Reserved"} : Amended ToSubclass] uint16 AvailableRequestedStates[]; [Description("TransitioningToState indicates the target state to which the instance is transitioning. \nA value of 5 \"No Change\" shall indicate that no transition is in progress.A value of 12 \"Not Applicable\" shall indicate the implementation does not support representing ongoing transitions. \nA value other than 5 or 12 shall identify the state to which the element is in the process of transitioning.") : Amended ToSubclass,Values{"Unknown", "Enabled", "Disabled", "Shut Down", "No Change", "Offline", "Test", "Defer", "Quiesce", "Reboot", "Reset", "Not Applicable", "DMTF Reserved"} : Amended ToSubclass] uint16 TransitioningToState; [Description("Requests that the state of the element be changed to the value specified in the RequestedState parameter. When the requested state change takes place, the EnabledState and RequestedState of the element will be the same. Invoking the RequestStateChange method multiple times could result in earlier requests being overwritten or lost. \nA return code of 0 shall indicate the state change was successfully initiated. \nA return code of 3 shall indicate that the state transition cannot complete within the interval specified by the TimeoutPeriod parameter. \nA return code of 4096 (0x1000) shall indicate the state change was successfully initiated, a ConcreteJob has been created, and its reference returned in the output parameter Job. Any other return code indicates an error condition.") : Amended ToSubclass,Values{"Completed with No Error", "Not Supported", "Unknown or Unspecified Error", "Cannot complete within Timeout Period", "Failed", "Invalid Parameter", "In Use", "DMTF Reserved", "Method Parameters Checked - Job Started", "Invalid State Transition", "Use of Timeout Parameter Not Supported", "Busy", "Method Reserved", "Vendor Specific"} : Amended ToSubclass] uint32 RequestStateChange([In,Description("The state requested for the element. This information will be placed into the RequestedState property of the instance if the return code of the RequestStateChange method is 0 (\\'Completed with No Error\\'), or 4096 (0x1000) (\\'Job Started\\'). Refer to the description of the EnabledState and RequestedState properties for the detailed explanations of the RequestedState values.") : Amended ToSubclass,Values{"Enabled", "Disabled", "Shut Down", "Offline", "Test", "Defer", "Quiesce", "Reboot", "Reset", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 RequestedState,[Out,Description("May contain a reference to the ConcreteJob created to track the state transition initiated by the method invocation.") : Amended ToSubclass] CIM_ConcreteJob Ref Job,[In,Description("A timeout period that specifies the maximum amount of time that the client expects the transition to the new state to take. The interval format must be used to specify the TimeoutPeriod. A value of 0 or a null parameter indicates that the client has no time requirements for the transition. \nIf this property does not contain 0 or null and the implementation does not support this parameter, a return code of \\'Use Of Timeout Parameter Not Supported\\' shall be returned.") : Amended ToSubclass] datetime TimeoutPeriod); }; [Version("2.22.1") : Amended,Description("CIM_Error is a specialized class that contains information about the severity, cause, recommended actions and other data related to the failure of a CIM Operation. Instances of this type MAY be included as part of the response to a CIM Operation.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class CIM_Error { [Description("Primary classification of the error. The following values are defined: \n2 - Communications Error. Errors of this type are principally associated with the procedures and/or processes required to convey information from one point to another. \n3 - Quality of Service Error. Errors of this type are principally associated with failures that result in reduced functionality or performance. \n4 - Software Error. Error of this type are principally associated with a software or processing fault. \n5 - Hardware Error. Errors of this type are principally associated with an equipment or hardware failure. \n6 - Environmental Error. Errors of this type are principally associated with a failure condition relating the to facility, or other environmental considerations. \n7 - Security Error. Errors of this type are associated with security violations, detection of viruses, and similar issues. \n8 - Oversubscription Error. Errors of this type are principally associated with the failure to allocate sufficient resources to complete the operation. \n9 - Unavailable Resource Error. Errors of this type are principally associated with the failure to access a required resource. \n10 -Unsupported Operation Error. Errors of this type are principally associated with requests that are not supported.") : Amended ToSubclass,Values{"Unknown", "Other", "Communications Error", "Quality of Service Error", "Software Error", "Hardware Error", "Environmental Error", "Security Error", "Oversubscription Error", "Unavailable Resource Error", "Unsupported Operation Error", "DMTF Reserved"} : Amended ToSubclass] uint16 ErrorType; [Description("A free-form string describing the ErrorType when 1, \"Other\", is specified as the ErrorType.") : Amended ToSubclass] string OtherErrorType; [Description("A string that uniquely identifies the entity that owns the definition of the format of the Message described in this instance. OwningEntity MUST include a copyrighted, trademarked or otherwise unique name that is owned by the business entity or standards body defining the format.") : Amended ToSubclass] string OwningEntity; [Description("An opaque string that uniquely identifies, within the scope of the OwningEntity, the format of the Message.") : Amended ToSubclass] string MessageID; [Description("The formatted message. This message is constructed by combining some or all of the dynamic elements specified in the MessageArguments property with the static elements uniquely identified by the MessageID in a message registry or other catalog associated with the OwningEntity.") : Amended ToSubclass] string Message; [Description("An array containing the dynamic content of the message.") : Amended ToSubclass] string MessageArguments[]; [Description("An enumerated value that describes the severity of the Indication from the notifier\\'s point of view: \n0 - the Perceived Severity of the indication is unknown or indeterminate. \n1 - Other, by CIM convention, is used to indicate that the Severity\\'s value can be found in the OtherSeverity property. \n2 - Information should be used when providing an informative response. \n3 - Degraded/Warning should be used when its appropriate to let the user decide if action is needed. \n4 - Minor should be used to indicate action is needed, but the situation is not serious at this time. \n5 - Major should be used to indicate action is needed NOW. \n6 - Critical should be used to indicate action is needed NOW and the scope is broad (perhaps an imminent outage to a critical resource will result). \n7 - Fatal/NonRecoverable should be used to indicate an error occurred, but it\\'s too late to take remedial action. \n2 and 0 - Information and Unknown (respectively) follow common usage. Literally, the Error is purely informational or its severity is simply unknown.") : Amended ToSubclass,Values{"Unknown", "Other", "Information", "Degraded/Warning", "Minor", "Major", "Critical", "Fatal/NonRecoverable", "DMTF Reserved"} : Amended ToSubclass] uint16 PerceivedSeverity; [Description("An enumerated value that describes the probable cause of the error.") : Amended ToSubclass,Values{"Unknown", "Other", "Adapter/Card Error", "Application Subsystem Failure", "Bandwidth Reduced", "Connection Establishment Error", "Communications Protocol Error", "Communications Subsystem Failure", "Configuration/Customization Error", "Congestion", "Corrupt Data", "CPU Cycles Limit Exceeded", "Dataset/Modem Error", "Degraded Signal", "DTE-DCE Interface Error", "Enclosure Door Open", "Equipment Malfunction", "Excessive Vibration", "File Format Error", "Fire Detected", "Flood Detected", "Framing Error", "HVAC Problem", "Humidity Unacceptable", "I/O Device Error", "Input Device Error", "LAN Error", "Non-Toxic Leak Detected", "Local Node Transmission Error", "Loss of Frame", "Loss of Signal", "Material Supply Exhausted", "Multiplexer Problem", "Out of Memory", "Output Device Error", "Performance Degraded", "Power Problem", "Pressure Unacceptable", "Processor Problem (Internal Machine Error)", "Pump Failure", "Queue Size Exceeded", "Receive Failure", "Receiver Failure", "Remote Node Transmission Error", "Resource at or Nearing Capacity", "Response Time Excessive", "Retransmission Rate Excessive", "Software Error", "Software Program Abnormally Terminated", "Software Program Error (Incorrect Results)", "Storage Capacity Problem", "Temperature Unacceptable", "Threshold Crossed", "Timing Problem", "Toxic Leak Detected", "Transmit Failure", "Transmitter Failure", "Underlying Resource Unavailable", "Version Mismatch", "Previous Alert Cleared", "Login Attempts Failed", "Software Virus Detected", "Hardware Security Breached", "Denial of Service Detected", "Security Credential Mismatch", "Unauthorized Access", "Alarm Received", "Loss of Pointer", "Payload Mismatch", "Transmission Error", "Excessive Error Rate", "Trace Problem", "Element Unavailable", "Element Missing", "Loss of Multi Frame", "Broadcast Channel Failure", "Invalid Message Received", "Routing Failure", "Backplane Failure", "Identifier Duplication", "Protection Path Failure", "Sync Loss or Mismatch", "Terminal Problem", "Real Time Clock Failure", "Antenna Failure", "Battery Charging Failure", "Disk Failure", "Frequency Hopping Failure", "Loss of Redundancy", "Power Supply Failure", "Signal Quality Problem", "Battery Discharging", "Battery Failure", "Commercial Power Problem", "Fan Failure", "Engine Failure", "Sensor Failure", "Fuse Failure", "Generator Failure", "Low Battery", "Low Fuel", "Low Water", "Explosive Gas", "High Winds", "Ice Buildup", "Smoke", "Memory Mismatch", "Out of CPU Cycles", "Software Environment Problem", "Software Download Failure", "Element Reinitialized", "Timeout", "Logging Problems", "Leak Detected", "Protection Mechanism Failure", "Protecting Resource Failure", "Database Inconsistency", "Authentication Failure", "Breach of Confidentiality", "Cable Tamper", "Delayed Information", "Duplicate Information", "Information Missing", "Information Modification", "Information Out of Sequence", "Key Expired", "Non-Repudiation Failure", "Out of Hours Activity", "Out of Service", "Procedural Error", "Unexpected Information", "DMTF Reserved"} : Amended ToSubclass] uint16 ProbableCause; [Description("A free-form string describing the probable cause of the error.") : Amended ToSubclass] string ProbableCauseDescription; [Description("A free-form string describing recommended actions to take to resolve the error.") : Amended ToSubclass] string RecommendedActions[]; [Description("The identifying information of the entity (i.e., the instance) generating the error. If this entity is modeled in the CIM Schema, this property contains the path of the instance encoded as a string parameter. If not modeled, the property contains some identifying string that names the entity that generated the error. The path or identifying string is formatted per the ErrorSourceFormat property.") : Amended ToSubclass] string ErrorSource; [Description("The format of the ErrorSource property is interpretable based on the value of this property. Values are defined as: \n0 - Unknown. The format is unknown or not meaningfully interpretable by a CIM client application. \n1 - Other. The format is defined by the value of the OtherErrorSourceFormat property.2 - CIMObjectPath. A CIM Object Path as defined in the CIM Infrastructure specification. Note: CIM 2.5 and earlier used the term object names.") : Amended ToSubclass,Values{"Unknown", "Other", "CIMObjectPath", "DMTF Reserved"} : Amended ToSubclass] uint16 ErrorSourceFormat; [Description("A string defining \"Other\" values for ErrorSourceFormat. This value MUST be set to a non NULL value when ErrorSourceFormat is set to a value of 1 (\"Other\"). For all other values of ErrorSourceFormat, the value of this string must be set to NULL.") : Amended ToSubclass] string OtherErrorSourceFormat; [Description("The CIM status code that characterizes this instance. \nThis property defines the status codes that MAY be return by a conforming CIM Server or Listener. Note that not all status codes are valid for each operation. The specification for each operation SHOULD define the status codes that may be returned by that operation. \nThe following values for CIM status code are defined: \n1 - CIM_ERR_FAILED. A general error occurred that is not covered by a more specific error code. \n2 - CIM_ERR_ACCESS_DENIED. Access to a CIM resource was not available to the client. \n3 - CIM_ERR_INVALID_NAMESPACE. The target namespace does not exist. \n4 - CIM_ERR_INVALID_PARAMETER. One or more parameter values passed to the method were invalid. \n5 - CIM_ERR_INVALID_CLASS. The specified Class does not exist. \n6 - CIM_ERR_NOT_FOUND. The requested object could not be found. \n7 - CIM_ERR_NOT_SUPPORTED. The requested operation is not supported. \n8 - CIM_ERR_CLASS_HAS_CHILDREN. Operation cannot be carried out on this class since it has instances. \n9 - CIM_ERR_CLASS_HAS_INSTANCES. Operation cannot be carried out on this class since it has instances. \n10 - CIM_ERR_INVALID_SUPERCLASS. Operation cannot be carried out since the specified superclass does not exist. \n11 - CIM_ERR_ALREADY_EXISTS. Operation cannot be carried out because an object already exists. \n12 - CIM_ERR_NO_SUCH_PROPERTY. The specified Property does not exist. \n13 - CIM_ERR_TYPE_MISMATCH. The value supplied is incompatible with the type. \n14 - CIM_ERR_QUERY_LANGUAGE_NOT_SUPPORTED. The query language is not recognized or supported. \n15 - CIM_ERR_INVALID_QUERY. The query is not valid for the specified query language. \n16 - CIM_ERR_METHOD_NOT_AVAILABLE. The extrinsic Method could not be executed. \n17 - CIM_ERR_METHOD_NOT_FOUND. The specified extrinsic Method does not exist. \n18 - CIM_ERR_UNEXPECTED_RESPONSE. The returned response to the asynchronous operation was not expected. \n19 - CIM_ERR_INVALID_RESPONSE_DESTINATION. The specified destination for the asynchronous response is not valid. \n20 - CIM_ERR_NAMESPACE_NOT_EMPTY. The specified Namespace is not empty.\n21 - CIM_ERR_INVALID_ENUMERATION_CONTEXT. The enumeration context supplied is not valid.\n22 - CIM_ERR_INVALID_OPERATION_TIMEOUT. The specified Namespace is not empty.\n23 - CIM_ERR_PULL_HAS_BEEN_ABANDONED. The specified Namespace is not empty.\n24 - CIM_ERR_PULL_CANNOT_BE_ABANDONED. The attempt to abandon a pull operation has failed.\n25 - CIM_ERR_FILTERED_ENUMERATION_NOT_SUPPORTED. Filtered Enumeratrions are not supported.\n26 - CIM_ERR_CONTINUATION_ON_ERROR_NOT_SUPPORTED. Continue on error is not supported.\n27 - CIM_ERR_SERVER_LIMITS_EXCEEDED. The WBEM Server limits have been exceeded (e.g. memory, connections, ...).\n28 - CIM_ERR_SERVER_IS_SHUTTING_DOWN. The WBEM Server is shutting down.\n29 - CIM_ERR_QUERY_FEATURE_NOT_SUPPORTED. The specified Query Feature is not supported.") : Amended ToSubclass,Values{"CIM_ERR_FAILED", "CIM_ERR_ACCESS_DENIED", "CIM_ERR_INVALID_NAMESPACE", "CIM_ERR_INVALID_PARAMETER", "CIM_ERR_INVALID_CLASS", "CIM_ERR_NOT_FOUND", "CIM_ERR_NOT_SUPPORTED", "CIM_ERR_CLASS_HAS_CHILDREN", "CIM_ERR_CLASS_HAS_INSTANCES", "CIM_ERR_INVALID_SUPERCLASS", "CIM_ERR_ALREADY_EXISTS", "CIM_ERR_NO_SUCH_PROPERTY", "CIM_ERR_TYPE_MISMATCH", "CIM_ERR_QUERY_LANGUAGE_NOT_SUPPORTED", "CIM_ERR_INVALID_QUERY", "CIM_ERR_METHOD_NOT_AVAILABLE", "CIM_ERR_METHOD_NOT_FOUND", "CIM_ERR_UNEXPECTED_RESPONSE", "CIM_ERR_INVALID_RESPONSE_DESTINATION", "CIM_ERR_NAMESPACE_NOT_EMPTY", "CIM_ERR_INVALID_ENUMERATION_CONTEXT", "CIM_ERR_INVALID_OPERATION_TIMEOUT", "CIM_ERR_PULL_HAS_BEEN_ABANDONED", "CIM_ERR_PULL_CANNOT_BE_ABANDONED", "CIM_ERR_FILTERED_ENUMERATION_NOT_SUPPORTED", "CIM_ERR_CONTINUATION_ON_ERROR_NOT_SUPPORTED", "CIM_ERR_SERVER_LIMITS_EXCEEDED", "CIM_ERR_SERVER_IS_SHUTTING_DOWN", "CIM_ERR_QUERY_FEATURE_NOT_SUPPORTED", "DMTF Reserved"} : Amended ToSubclass] uint32 CIMStatusCode; [Description("A free-form string containing a human-readable description of CIMStatusCode. This description MAY extend, but MUST be consistent with, the definition of CIMStatusCode.") : Amended ToSubclass] string CIMStatusCodeDescription; }; [Description("A FilterList aggregates instances of (subclasses of) FilterEntryBase via the aggregation EntriesInFilterList. The filter entries are always ANDed together when grouped by the FilterList. Note that it is possible to aggregate different types of filters into a single FilterList - for example, packet header filters (represented by the IpHeadersFilter class) and IPsec security filters. \n\nA FilterList is weak to the network device (e.g., the ComputerSystem) that contains it. Hence, the ComputerSystem keys are propagated to this class.") : Amended ToSubclass,Version("2.7.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_FilterEntryBase : CIM_LogicalElement { [Description("The Name property defines the label by which the Filter Entry is known and uniquely identified.") : Amended ToSubclass,key] string Name; [key,Description("The scoping ComputerSystem\\'s CreationClassName.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("The scoping ComputerSystem\\'s Name.") : Amended ToSubclass] string SystemName; [key,Description("CreationClassName indicates the name of the class or the subclass used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified.") : Amended ToSubclass] string CreationClassName; [Description("Boolean indicating that the match condition described in the properties of the FilterEntryBase subclass should be negated. This property is defined for ease of use when filtering on simple negations - for example, to select all source ports except 162. It is not recommended that this Boolean be set to True when filtering on multiple criteria, such as defining an IPHeadersFilter based on source/destination addresses, ports, and DiffServ Code Points.") : Amended ToSubclass] boolean IsNegated; }; [Description("An abstract class defining the common properties of the policy managed elements derived from CIM_Policy. The subclasses are used to create rules and groups of rules that work together to form a coherent set of policies within an administrative domain or set of domains.") : Amended ToSubclass,Version("2.6.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_Policy : CIM_ManagedElement { [Description("A user-friendly name of this policy-related object.") : Amended ToSubclass] string CommonName; [Description("An array of keywords for characterizing / categorizing policy objects. Keywords are of one of two types: \n- Keywords defined in this and other MOFs, or in DMTF white papers. These keywords provide a vendor- independent, installation-independent way of characterizing policy objects. \n- Installation-dependent keywords for characterizing policy objects. Examples include \\'Engineering\\', \\'Billing\\', and \\'Review in December 2000\\'. \nThis MOF defines the following keywords: \\'UNKNOWN\\', \\'CONFIGURATION\\', \\'USAGE\\', \\'SECURITY\\', \\'SERVICE\\', \\'MOTIVATIONAL\\', \\'INSTALLATION\\', and \\'EVENT\\'. These concepts are self-explanatory and are further discussed in the SLA/Policy White Paper. One additional keyword is defined: \\'POLICY\\'. The role of this keyword is to identify policy-related instances that may not be otherwise identifiable, in some implementations. The keyword \\'POLICY\\' is NOT mutually exclusive of the other keywords specified above.") : Amended ToSubclass] string PolicyKeywords[]; }; [Description("A class representing a rule-specific or reusable policy action to be performed if the PolicyConditions for a Policy Rule evaluate to TRUE. Since all operational details of a PolicyAction are provided in subclasses of this object, this class is abstract.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_PolicyAction : CIM_Policy { [key,Description("The name of the class or the subclass used in the creation of the System object in whose scope this PolicyAction is defined. \n\nThis property helps to identify the System object in whose scope this instance of PolicyAction exists. For a rule-specific PolicyAction, this is the System in whose context the PolicyRule is defined. For a reusable PolicyAction, this is the instance of PolicyRepository (which is a subclass of System) that holds the Action. \n\nNote that this property, and the analogous property SystemName, do not represent propagated keys from an instance of the class System. Instead, they are properties defined in the context of this class, which repeat the values from the instance of System to which this PolicyAction is related, either directly via the PolicyActionInPolicyRepository association or indirectly via the PolicyActionInPolicyRule aggregation.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("The name of the System object in whose scope this PolicyAction is defined. \n\nThis property completes the identification of the System object in whose scope this instance of PolicyAction exists. For a rule-specific PolicyAction, this is the System in whose context the PolicyRule is defined. For a reusable PolicyAction, this is the instance of PolicyRepository (which is a subclass of System) that holds the Action.") : Amended ToSubclass] string SystemName; [key,Description("For a rule-specific PolicyAction, the CreationClassName of the PolicyRule object with which this Action is associated. For a reusable PolicyAction, a special value, \\'NO RULE\\', should be used to indicate that this Action is reusable and not associated with a single PolicyRule.") : Amended ToSubclass] string PolicyRuleCreationClassName; [key,Description("For a rule-specific PolicyAction, the name of the PolicyRule object with which this Action is associated. For a reusable PolicyAction, a special value, \\'NO RULE\\', should be used to indicate that this Action is reusable and not associated with a single PolicyRule.") : Amended ToSubclass] string PolicyRuleName; [key,Description("CreationClassName indicates the name of the class or the subclass used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified.") : Amended ToSubclass] string CreationClassName; [key,Description("A user-friendly name of this PolicyAction.") : Amended ToSubclass] string PolicyActionName; [Description("DoActionLogging causes a log message to be generated when the action is performed.") : Amended ToSubclass] boolean DoActionLogging; }; [Description("SAAction is the base class for the various types of key exchange or IPsec actions. It is abstract and used to categorize the different types of actions of SARules.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_SAAction : CIM_PolicyAction { [Description("DoPacketLogging causes a log message to be generated when the action is applied to a packet.") : Amended ToSubclass] boolean DoPacketLogging; }; [Description("SANegotiationAction is the base class for negotiated SAs. It is abstract, specifying the common parameters that control the IPsec phase 1 and phase 2 negotiations.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_SANegotiationAction : CIM_SAAction { [Description("MinLifetimeSeconds prevents certain denial of service attacks where the peer requests an arbitrarily low lifetime value, causing renegotiations with expensive Diffie-Hellman operations. The property specifies the minimum lifetime, in seconds, that will be accepted from the peer. A value of zero (the default) indicates that there is no minimum value. A non-zero value specifies the minimum seconds lifetime.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MinLifetimeSeconds; [Description("IdleDurationSeconds is the time an SA can remain idle (i.e., no traffic protected using the security association) before it is automatically deleted. The default (zero) value indicates that there is no idle duration timer and that the SA is deleted based upon the SA seconds and kilobyte lifetimes. Any non-zero value indicates the number of seconds that the SA may remain unused.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 IdleDurationSeconds; [Description("MinLifetimeKilobytes prevents certain denial of service attacks where the peer requests an arbitrarily low lifetime value, causing renegotiations with expensive Diffie-Hellman operations. The property specifies the minimum lifetime, in kilobytes, that will be accepted from the peer. A value of zero (the default) indicates that there is no minimum value. A non-zero value specifies the minimum kilobytes lifetime. Note that there has been considerable debate regarding the usefulness of applying kilobyte lifetimes to phase 1 security associations, so it is likely that this property will only apply to the subclass, IPsecAction.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MinLifetimeKilobytes; }; [Description("IKEAction specifies the parameters to use for an IPsec IKE phase 1 negotiation.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_IKEAction : CIM_SANegotiationAction { [Description("The ExchangeMode designates the mode IKE should use for its key negotiations.") : Amended ToSubclass,Values{"Base", "Main", "Aggressive"} : Amended ToSubclass] uint16 ExchangeMode; [Description("UseIKEIdentityType specifies what network identity type should be used when negotiating with the peer. It is used in conjunction with the available IPNetworkIdentity instances, that are associated with an IPProtocolEndpoint.") : Amended ToSubclass,Values{"Other", "IPV4 Address", "FQDN", "User FQDN", "IPV4 Subnet Address", "IPV6 Address", "IPV6 Subnet Address", "IPV4 Address Range", "IPV6 Address Range", "DER ASN1 DN", "DER ASN1 GN", "KEY ID", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 UseIKEIdentityType; [Description("VendorID specifies the value to be used in the Vendor ID payload. An empty string (the default) means that the Vendor ID payload will not be generated or accepted. A non-NULL value means that a Vendor ID payload will be generated (when acting as an initiator) or is expected (when acting as a responder).") : Amended ToSubclass] string VendorID; [Description("When IKEAction.ExchangeMode is set to \"Aggressive\" (4), this property specifies the key exchange groupID to use in the first packets of the phase 1 negotiation. This property is ignored unless the ExchangeMode is \\'aggressive\\'. If the GroupID number is from the vendor- specific range (32768-65535), the VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\\'768 bit prime\\', Group 2=\\'1024 bit prime\\', Group 3=\\'Elliptic Curve Group with 155 bit field element\\', Group 4=\\'Large Elliptic Curve Group with 185 bit field element\\', and Group 5=\\'1536 bit prime\\'.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 AggressiveModeGroupID; }; [Description("CIM_SettingData is used to represent configuration and and operational parameters for CIM_ManagedElement instances. There are a number of different uses of CIM_SettingData supported in the model today. Additional uses may be defined in the future.\nInstances of CIM_SettingData may represent Aspects of a CIM_ManagedElement instance. This is modeled using the CIM_SettingsDefineState association. CIM_SettingData may be used to define capabilities when associated to an instance of CIM_Capabilities through the CIM_SettingsDefineCapabilities association. \nInstances of CIM_SettingData may represent different types of configurations for a CIM_ManagedElement, including persistent configurations, in progress configuration changes, or requested configurations. The CIM_ElementSettingData association is used to model the relationship between a CIM_SettingData instance and the CIM_ManagedElement for which it is a configuration. \nWhen an instance of CIM_SettingData represents a configuration, the current operational values for the parameters of the element are reflected by properties in the Element itself or by properties in its associations. These properties do not have to be the same values that are present in the SettingData object. For example, a modem might have a SettingData baud rate of 56Kb/sec but be operating at 19.2Kb/sec. \nNote: The CIM_SettingData class is very similar to CIM_Setting, yet both classes are present in the model because many implementations have successfully used CIM_Setting. However, issues have arisen that could not be resolved without defining a new class. Therefore, until a new major release occurs, both classes will exist in the model. Refer to the Core White Paper for additional information. SettingData instances can be aggregated together into higher- level SettingData objects using ConcreteComponent associations.") : Amended ToSubclass,Version("2.19.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_SettingData : CIM_ManagedElement { [Description("Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following \"preferred\" algorithm: \n: \nWhere and are separated by a colon (:), and where must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness, must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between and . \n is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If the above \"preferred\" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance. \nFor DMTF-defined instances, the \"preferred\" algorithm must be used with the set to CIM.") : Amended ToSubclass,key] string InstanceID; [Description("The user-friendly name for this instance of SettingData. In addition, the user-friendly name can be used as an index property for a search or query. (Note: The name does not have to be unique within a namespace.)") : Amended ToSubclass] string ElementName; }; [Description("The ScopedSettingData class represents the general concept of SettingData, which is scoped or contained by a ManagedElement (that is, settings that are specifically defined for a system, device, and so on). ScopedSettingData is tied to a ManagedElement using the ScopedSetting association. Note that the cardinality of the ManagedElement reference is Min(1), Max(1). This cardinality mandates the instantiation of the ScopedSetting association for the referenced instance of ScopedSettingData. ScopedSetting describes the existence requirements and context for the referenced instance of ManagedElement. Specifically, the ManagedElement must exist and it provides the context for the ScopedSettingData.") : Amended ToSubclass,Version("2.10.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_ScopedSettingData : CIM_SettingData { }; [Description("SAProposal is a base class defining the common properties of, and anchoring common associations for, IPsec phase 1 and phase 2 proposals. It is defined as a kind of ScopedSettingData (scoped by a ComputerSystem or AdminDomain), since its subclasses define sets of IPsec properties that MUST be applied together, if negotiated. This subclassing is different than that defined in IETF\\'s IPSP Policy draft - where it is subclassed from Policy. The definition as SettingData is more consistent with the application of the properties as a set, to the negotiated Security Association. To indicate that \\'this\\' proposaltransform is negotiated for a Security Association, use the ElementSettingData to associate the proposal and the SA.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_SAProposal : CIM_ScopedSettingData { }; [Description("IKEProposal contains the parameters necessary to drive the phase 1 IKE negotiation.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_IKEProposal : CIM_SAProposal { [Description("MaxLifetimeSeconds specifies the maximum time the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero indicates that the default of 8 hours be used. A non-zero value indicates the maximum seconds lifetime.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MaxLifetimeSeconds; [Description("MaxLifetimeKilobytes specifies the maximum kilobyte lifetime the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero (the default) indicates that there should be no maximum kilobyte lifetime. A non-zero value specifies the desired kilobyte lifetime.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MaxLifetimeKilobytes; [Description("CipherAlgorithm is an enumeration that specifies the proposed encryption algorithm. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.CipherAlgorithm.") : Amended ToSubclass,Values{"Other", "DES", "IDEA", "Blowfish", "RC5", "3DES", "CAST", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("Description of the encryption algorithm when the value 1 (\"Other\") is specified for the property, CipherAlgorithm.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("HashAlgorithm is an enumeration that specifies the proposed hash function. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.HashAlgorithm.") : Amended ToSubclass,Values{"Other", "MD5", "SHA-1", "Tiger", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("Description of the hash function when the value 1 (\"Other\") is specified for the property, HashAlgorithm.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("AuthenticationMethod is an enumeration that specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod. There is one change to the list - the value 65000 has special meaning. It is a special value that indicates that this particular proposal should be repeated once for each authentication method corresponding to credentials installed on the machine. For example, if the system has a pre-shared key and an public-key certificate, a proposal list would be constructed which includes a proposal that specifies a pre-shared key and a proposal for any of the public-key certificates.") : Amended ToSubclass,Values{"Other", "Pre-shared Key", "DSS Signatures", "RSA Signatures", "Encryption with RSA", "Revised Encryption with RSA", "DMTF/IANA Reserved", "Any", "Vendor Reserved"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("Description of the method when the value 1 (\"Other\") is specified for the property, AuthenticationMethod.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("The property GroupId specifies the proposed phase 1 security association key exchange group. This property is ignored for all aggressive mode exchanges (IKEAction.ExchangeMode = 4). If the GroupID number is from the vendor-specific range (32768-65535), the property VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\\'768 bit prime\\', Group 2=\\'1024 bit prime\\', Group 3 =\\'Elliptic Curve Group with 155 bit field element\\', Group 4= \\'Large Elliptic Curve Group with 185 bit field element\\', and Group 5=\\'1536 bit prime\\'.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 GroupId; [Description("VendorID identifies the vendor when the value of GroupID is in the vendor-specific range, 32768 to 65535.") : Amended ToSubclass] string VendorID; }; [Description("CIM_ServiceAccessPoint represents the ability to utilize or invoke a Service. Access points represent that a Service is made available for other entities to use.") : Amended ToSubclass,Version("2.10.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_ServiceAccessPoint : CIM_EnabledLogicalElement { [Description("The Name property uniquely identifies the ServiceAccessPoint and provides an indication of the functionality that is managed. This functionality is described in more detail in the Description property of the object.") : Amended ToSubclass,key] string Name; [key,Description("The CreationClassName of the scoping System.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("The Name of the scoping System.") : Amended ToSubclass] string SystemName; [key,Description("CreationClassName indicates the name of the class or the subclass used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified.") : Amended ToSubclass] string CreationClassName; }; [Description("A communication point from which data can be sent or received. ProtocolEndpoints link system or computer interfaces to LogicalNetworks.") : Amended ToSubclass,Version("2.15.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_ProtocolEndpoint : CIM_ServiceAccessPoint { [Description("The Description property provides a textual description of the object.") : Amended ToSubclass] string Description; [Description("A string that identifies this ProtocolEndpoint with either a port or an interface on a device. To ensure uniqueness, the Name property should be prepended or appended with information from the Type or OtherTypeDescription properties. The method selected is described in the NameFormat property of this class.") : Amended ToSubclass,key] string Name; [Description("Indicates the current statuses of the element. Various operational statuses are defined. Many of the enumeration\\'s values are self-explanatory. However, a few are not and are described here in more detail. \n\"Stressed\" indicates that the element is functioning, but needs attention. Examples of \"Stressed\" states are overload, overheated, and so on. \n\"Predictive Failure\" indicates that an element is functioning nominally but predicting a failure in the near future. \n\"In Service\" describes an element being configured, maintained, cleaned, or otherwise administered. \n\"No Contact\" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it. \n\"Lost Communication\" indicates that the ManagedSystem Element is known to exist and has been contacted successfully in the past, but is currently unreachable. \n\"Stopped\" and \"Aborted\" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the state and configuration of the element might need to be updated. \n\"Dormant\" indicates that the element is inactive or quiesced. \n\"Supporting Entity in Error\" indicates that this element might be \"OK\" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower-layer networking problems. \n\"Completed\" indicates that the element has completed its operation. This value should be combined with either OK, Error, or Degraded so that a client can tell if the complete operation Completed with OK (passed), Completed with Error (failed), or Completed with Degraded (the operation finished, but it did not complete OK or did not report an error). \n\"Power Mode\" indicates that the element has additional power model information contained in the Associated PowerManagementService association. \nOperationalStatus replaces the Status property on ManagedSystemElement to provide a consistent approach to enumerations, to address implementation needs for an array property, and to provide a migration path from today\\'s environment to the future. This change was not made earlier because it required the deprecated qualifier. Due to the widespread use of the existing Status property in management applications, it is strongly recommended that providers or instrumentation provide both the Status and OperationalStatus properties. Further, the first value of OperationalStatus should contain the primary status for the element. When instrumented, Status (because it is single-valued) should also provide the primary status of the element.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("EnabledState is an integer enumeration that indicates the enabled and disabled states of an element. It can also indicate the transitions between these requested states. For example, shutting down (value=4) and starting (value=10) are transient states between enabled and disabled. The following text briefly summarizes the various enabled and disabled states: \nEnabled (2) indicates that the element is or could be executing commands, will process any queued commands, and queues new requests. \nDisabled (3) indicates that the element will not execute commands and will drop any new requests. \nShutting Down (4) indicates that the element is in the process of going to a Disabled state. \nNot Applicable (5) indicates the element does not support being enabled or disabled. \nEnabled but Offline (6) indicates that the element might be completing commands, and will drop any new requests. \nTest (7) indicates that the element is in a test state. \nDeferred (8) indicates that the element might be completing commands, but will queue any new requests. \nQuiesce (9) indicates that the element is enabled but in a restricted mode.\nStarting (10) indicates that the element is in the process of going to an Enabled state. New requests are queued.") : Amended ToSubclass,Values{"Unknown", "Other", "Enabled", "Disabled", "Shutting Down", "Not Applicable", "Enabled but Offline", "In Test", "Deferred", "Quiesce", "Starting", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 EnabledState; [Description("The date or time when the EnabledState of the element last changed. If the state of the element has not changed and this property is populated, then it must be set to a 0 interval value. If a state change was requested, but rejected or not yet processed, the property must not be updated.") : Amended ToSubclass] datetime TimeOfLastStateChange; [Description("NameFormat contains the naming heuristic that is selected to ensure that the value of the Name property is unique. For example, you might choose to prepend the name of the port or interface with the Type of ProtocolEndpoint (for example, IPv4) of this instance followed by an underscore.") : Amended ToSubclass] string NameFormat; [Description("Note: This property is deprecated in lieu of the ProtocolIFType enumeration. This deprecation was done to have better alignment between the IF-MIB of the IETF and this CIM class. \nDeprecated description: ProtocolType is an enumeration that provides information to categorize and classify different instances of this class. For most instances, information in this enumeration and the definition of the subclass overlap. However, there are several cases where a specific subclass of ProtocolEndpoint is not required (for example, there is no Fibre Channel subclass of ProtocolEndpoint). Therefore, this property is needed to define the type of Endpoint.") : Amended ToSubclass,Values{"Unknown", "Other", "IPv4", "IPv6", "IPX", "AppleTalk", "DECnet", "SNA", "CONP", "CLNP", "VINES", "XNS", "ATM", "Frame Relay", "Ethernet", "TokenRing", "FDDI", "Infiniband", "Fibre Channel", "ISDN BRI Endpoint", "ISDN B Channel Endpoint", "ISDN D Channel Endpoint", "IPv4/v6", "BGP", "OSPF", "MPLS", "UDP", "TCP"} : Amended ToSubclass] uint16 ProtocolType; [Description("ProtocolIFType is an enumeration that is synchronized with the IANA ifType MIB. The ifType MIB is maintained at the URL, http://www.iana.org/assignments/ianaiftype-mib. Also, additional values defined by the DMTF are included. The property is used to categorize and classify instances of the ProtocolEndpoint class. Note that if the ProtocolIFType is set to 1 (Other), then the type information should be provided in the OtherTypeDescription string property.") : Amended ToSubclass,Values{"Unknown", "Other", "Regular 1822", "HDH 1822", "DDN X.25", "RFC877 X.25", "Ethernet CSMA/CD", "ISO 802.3 CSMA/CD", "ISO 802.4 Token Bus", "ISO 802.5 Token Ring", "ISO 802.6 MAN", "StarLAN", "Proteon 10Mbit", "Proteon 80Mbit", "HyperChannel", "FDDI", "LAP-B", "SDLC", "DS1", "E1", "Basic ISDN", "Primary ISDN", "Proprietary Point-to-Point Serial", "PPP", "Software Loopback", "EON", "Ethernet 3Mbit", "NSIP", "SLIP", "Ultra", "DS3", "SIP", "Frame Relay", "RS-232", "Parallel", "ARCNet", "ARCNet Plus", "ATM", "MIO X.25", "SONET", "X.25 PLE", "ISO 802.211c", "LocalTalk", "SMDS DXI", "Frame Relay Service", "V.35", "HSSI", "HIPPI", "Modem", "AAL5", "SONET Path", "SONET VT", "SMDS ICIP", "Proprietary Virtual/Internal", "Proprietary Multiplexor", "IEEE 802.12", "Fibre Channel", "HIPPI Interface", "Frame Relay Interconnect", "ATM Emulated LAN for 802.3", "ATM Emulated LAN for 802.5", "ATM Emulated Circuit", "Fast Ethernet (100BaseT)", "ISDN", "V.11", "V.36", "G703 at 64K", "G703 at 2Mb", "QLLC", "Fast Ethernet 100BaseFX", "Channel", "IEEE 802.11", "IBM 260/370 OEMI Channel", "ESCON", "Data Link Switching", "ISDN S/T Interface", "ISDN U Interface", "LAP-D", "IP Switch", "Remote Source Route Bridging", "ATM Logical", "DS0", "DS0 Bundle", "BSC", "Async", "Combat Net Radio", "ISO 802.5r DTR", "Ext Pos Loc Report System", "AppleTalk Remote Access Protocol", "Proprietary Connectionless", "ITU X.29 Host PAD", "ITU X.3 Terminal PAD", "Frame Relay MPI", "ITU X.213", "ADSL", "RADSL", "SDSL", "VDSL", "ISO 802.5 CRFP", "Myrinet", "Voice Receive and Transmit", "Voice Foreign Exchange Office", "Voice Foreign Exchange Service", "Voice Encapsulation", "Voice over IP", "ATM DXI", "ATM FUNI", "ATM IMA", "PPP Multilink Bundle", "IP over CDLC", "IP over CLAW", "Stack to Stack", "Virtual IP Address", "MPC", "IP over ATM", "ISO 802.5j Fibre Token Ring", "TDLC", "Gigabit Ethernet", "HDLC", "LAP-F", "V.37", "X.25 MLP", "X.25 Hunt Group", "Transp HDLC", "Interleave Channel", "FAST Channel", "IP (for APPN HPR in IP Networks)", "CATV MAC Layer", "CATV Downstream", "CATV Upstream", "Avalon 12MPP Switch", "Tunnel", "Coffee", "Circuit Emulation Service", "ATM SubInterface", "Layer 2 VLAN using 802.1Q", "Layer 3 VLAN using IP", "Layer 3 VLAN using IPX", "Digital Power Line", "Multimedia Mail over IP", "DTM", "DCN", "IP Forwarding", "MSDSL", "IEEE 1394", "IF-GSN/HIPPI-6400", "DVB-RCC MAC Layer", "DVB-RCC Downstream", "DVB-RCC Upstream", "ATM Virtual", "MPLS Tunnel", "SRP", "Voice over ATM", "Voice over Frame Relay", "ISDL", "Composite Link", "SS7 Signaling Link", "Proprietary P2P Wireless", "Frame Forward", "RFC1483 Multiprotocol over ATM", "USB", "IEEE 802.3ad Link Aggregate", "BGP Policy Accounting", "FRF .16 Multilink FR", "H.323 Gatekeeper", "H.323 Proxy", "MPLS", "Multi-Frequency Signaling Link", "HDSL-2", "S-HDSL", "DS1 Facility Data Link", "Packet over SONET/SDH", "DVB-ASI Input", "DVB-ASI Output", "Power Line", "Non Facility Associated Signaling", "TR008", "GR303 RDT", "GR303 IDT", "ISUP", "Proprietary Wireless MAC Layer", "Proprietary Wireless Downstream", "Proprietary Wireless Upstream", "HIPERLAN Type 2", "Proprietary Broadband Wireless Access Point to Mulipoint", "SONET Overhead Channel", "Digital Wrapper Overhead Channel", "ATM Adaptation Layer 2", "Radio MAC", "ATM Radio", "Inter Machine Trunk", "MVL DSL", "Long Read DSL", "Frame Relay DLCI Endpoint", "ATM VCI Endpoint", "Optical Channel", "Optical Transport", "Proprietary ATM", "Voice over Cable", "Infiniband", "TE Link", "Q.2931", "Virtual Trunk Group", "SIP Trunk Group", "SIP Signaling", "CATV Upstream Channel", "Econet", "FSAN 155Mb PON", "FSAN 622Mb PON", "Transparent Bridge", "Line Group", "Voice E&M Feature Group", "Voice FGD EANA", "Voice DID", "MPEG Transport", "6To4", "GTP", "Paradyne EtherLoop 1", "Paradyne EtherLoop 2", "Optical Channel Group", "HomePNA", "GFP", "ciscoISLvlan", "actelisMetaLOOP", "Fcip", "IANA Reserved", "IPv4", "IPv6", "IPv4/v6", "IPX", "DECnet", "SNA", "CONP", "CLNP", "VINES", "XNS", "ISDN B Channel Endpoint", "ISDN D Channel Endpoint", "BGP", "OSPF", "UDP", "TCP", "802.11a", "802.11b", "802.11g", "802.11h", "NFS", "CIFS", "DAFS", "WebDAV", "HTTP", "FTP", "NDMP", "Telnet", "SSH", "SM CLP", "SMTP", "LDAP", "RDP", "HTTPS", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 ProtocolIFType; [Description("A string that describes the type of ProtocolEndpoint when the Type property of this class (or any of its subclasses) is set to 1 (Other). This property should be set to null when the Type property is any value other than 1.") : Amended ToSubclass] string OtherTypeDescription; }; [Description("SecurityAssociationEndpoint (SAEndpoint) represents the endpoint of a secure connection. This is typically an IP connection, although the model allows more flexibility than just IP. The SecurityAssociationEndpoint is tied to an IPProtocolEndpoint (or possibly other endpoint) using the LogicalIdentity association. Note that an endpoint is defined at both ends of the connection.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_SecurityAssociationEndpoint : CIM_ProtocolEndpoint { [Description("InstallDate records when the SA (and its endpoint) was created.") : Amended ToSubclass] datetime InstallDate; [Description("LifetimeSeconds specifies the maximum time that the SA will be considered valid after it has been created. A value of zero indicates that the default of 8 hours be used. A non-zero value indicates the seconds lifetime.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 LifetimeSeconds; [Description("RefreshThresholdSecondsPercentage is the lifetime percentage after which a new SA should be acquired, before the existing SA expires. A random period may be added to a calculated threshold to reduce network thrashing.") : Amended ToSubclass,Units("Percent") : Amended ToSubclass] uint8 RefreshThresholdSecondsPercentage; [Description("IdleDurationSeconds specifies how long the SA can be idle before it is deleted. The default value, 0, indicates that there is no idle timeout period.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 IdleDurationSeconds; [Description("LifetimeKilobytes specifies the maximum number of kilobytes of data traffic to be protected by the SA. A value of zero (the default) indicates that there should be no maximum kilobyte lifetime. A non-zero value specifies the desired kilobyte lifetime. The SA is deleted when the LifetimeKilobyte value is exceeded.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 LifetimeKilobytes; [Description("RefreshThresholdKbytesPercentage is the lifetime percentage of kilobytes processed, at which a new SA should be acquired. A random value may be added to the calculated threshold to reduce network thrashing.") : Amended ToSubclass,Units("Percent") : Amended ToSubclass] uint8 RefreshThresholdKbytesPercentage; [Description("PacketLoggingActive causes a log to be kept of traffic processed by the SAEndpoint.") : Amended ToSubclass] boolean PacketLoggingActive; }; [Description("IKESAEndpoint is created in the first phase of SA negotiation and protects the key negotiation traffic. This endpoint is only created when IKE is the key exchange protocol. Other protocols and their endpoints will be defined in a future release.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_IKESAEndpoint : CIM_SecurityAssociationEndpoint { [Description("Identifier of the IKE phase 1 negotiation initiator. Combined with the ResponderCookie, this value, in string form, may be used to construct the value of the key field \\'Name\\', inherited from ServiceAccessPoint.") : Amended ToSubclass] uint64 InitiatorCookie; [Description("Identifier of the IKE phase 1 negotiation responder. Combined with the InitiatorCookie, this value, in string form, may be used to construct the value of the key field \\'Name\\', inherited from ServiceAccessPoint.") : Amended ToSubclass] uint64 ResponderCookie; [Description("CipherAlgorithm is an enumeration that specifies the encryption algorithm used by the IKESAEndpoint. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account.") : Amended ToSubclass,Values{"Unknown", "Other", "DES", "IDEA", "Blowfish", "RC5", "3DES", "CAST", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("Description of the encryption algorithm when the value 1 (\"Other\") is specified for the property, CipherAlgorithm.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("HashAlgorithm is an enumeration that specifies the hash function used by the IKESAEndpoint. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account.") : Amended ToSubclass,Values{"Unknown", "Other", "MD5", "SHA-1", "Tiger", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("Description of the hash function when the value 1 (\"Other\") is specified for the property, HashAlgorithm.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("AuthenticationMethod is an enumeration that specifies the operation of the IKESAEndpoint. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account.") : Amended ToSubclass,Values{"Unknown", "Other", "Pre-shared Key", "DSS Signatures", "RSA Signatures", "Encryption with RSA", "Revised Encryption with RSA", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("Description of the method when the value 1 (\"Other\") is specified for the property, AuthenticationMethod.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("GroupId specifies the key exchange group ID. If the GroupID number is from the vendor-specific range (32768-65535), the VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\\'768 bit prime\\', Group 2=\\'1024 bit prime\\', Group 3= \\'Elliptic Curve Group with 155 bit field element\\', Group 4= \\'Large Elliptic Curve Group with 185 bit field element\\', and Group 5=\\'1536 bit prime\\'.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 GroupId; [Description("VendorID identifies the vendor when the value of GroupID is in the vendor-specific range, 32768 to 65535.") : Amended ToSubclass] string VendorID; }; [Description("IPsecSAEndpoints are types of SecurityAssociationEndpoints representing both negotiated and static SAs that correspond to AH, ESP, or IPCOMP transforms.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_IPsecSAEndpoint : CIM_SecurityAssociationEndpoint { [Description("SPI contains the Security Parameter Index of the SA. This value in string form may also be used in the key field \\'Name\\' inherited from ServiceAccessPoint.") : Amended ToSubclass] uint32 SPI; [Description("InboundDirection specifies whether the SA applies to inbound (TRUE) or outbound (FALSE) traffic.") : Amended ToSubclass] boolean InboundDirection; [Description("EncapsulationMode indicates whether the IPsecSAEndpoint uses transport or tunnel encapsulation.") : Amended ToSubclass,Values{"Unknown", "Tunnel", "Transport"} : Amended ToSubclass] uint16 EncapsulationMode; [Description("DFHandling controls how the \\'Don\\'t Fragment\\' bit is managed by the IPsecSAEndpoint.") : Amended ToSubclass,Values{"Unknown", "Copy from Internal to External IP Header", "Set DF Bit in External Header to 1", "Set DF Bit in External Header to 0"} : Amended ToSubclass] uint16 DFHandling; [Description("PFSInUse indicates whether perfect forward secrecy is required when refreshing keys.") : Amended ToSubclass] boolean PFSInUse; }; [Description("Phase1SAUsedForPhase2 associates a phase 1 endpoint (such as an IKESAEndpoint) with an IPsecSAEndpoint that was negotiated using that phase 1 Security Association.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_Phase1SAUsedForPhase2 : CIM_Dependency { [key,Description("Phase 1 SAEndpoint that protected the negotiation of the phase 2 Security Association. An example of a phase 1 endpoint is an IKESAEndpoint.") : Amended ToSubclass] CIM_SecurityAssociationEndpoint Ref Antecedent; [key,Description("The phase 2 SAEndpoint.") : Amended ToSubclass] CIM_IPsecSAEndpoint Ref Dependent; }; [Description("CIM_PolicyComponent is a generic association used to establish \\'part of\\' relationships between the subclasses of CIM_Policy. For example, the PolicyConditionInPolicyRule association defines that PolicyConditions are part of a PolicyRule.") : Amended ToSubclass,Version("2.6.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_PolicyComponent : CIM_Component { [key,Description("The parent Policy in the association.") : Amended ToSubclass] CIM_Policy Ref GroupComponent; [key,Description("The child/part Policy in the association.") : Amended ToSubclass] CIM_Policy Ref PartComponent; }; [Description("PolicyActions may be aggregated into rules and into compound actions. PolicyActionStructure is the abstract aggregation class for the structuring of policy actions.") : Amended ToSubclass,Version("2.6.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_PolicyActionStructure : CIM_PolicyComponent { [key,Description("PolicyAction instances may be aggregated into either PolicyRule instances or CompoundPolicyAction instances.") : Amended ToSubclass] CIM_Policy Ref GroupComponent; [key,Description("A PolicyAction aggregated by a PolicyRule or CompoundPolicyAction.") : Amended ToSubclass] CIM_PolicyAction Ref PartComponent; [Description("ActionOrder is an unsigned integer \\'n\\' that indicates the relative position of a PolicyAction in the sequence of actions associated with a PolicyRule or CompoundPolicyAction. When \\'n\\' is a positive integer, it indicates a place in the sequence of actions to be performed, with smaller integers indicating earlier positions in the sequence. The special value \\'0\\' indicates \\'don\\'t care\\'. If two or more PolicyActions have the same non-zero sequence number, they may be performed in any order, but they must all be performed at the appropriate place in the overall action sequence. \n\nA series of examples will make ordering of PolicyActions clearer: \no If all actions have the same sequence number, regardless of whether it is \\'0\\' or non-zero, any order is acceptable. \no The values: \n1:ACTION A \n2:ACTION B \n1:ACTION C \n3:ACTION D \nindicate two acceptable orders: A,C,B,D or C,A,B,D, \nsince A and C can be performed in either order, but only at the \\'1\\' position. \no The values: \n0:ACTION A \n2:ACTION B \n3:ACTION C \n3:ACTION D \nrequire that B,C, and D occur either as B,C,D or as B,D,C. Action A may appear at any point relative to B, C, and D. Thus the complete set of acceptable orders is: A,B,C,D; B,A,C,D; B,C,A,D; B,C,D,A; A,B,D,C; B,A,D,C; B,D,A,C; B,D,C,A. \n\nNote that the non-zero sequence numbers need not start with \\'1\\', and they need not be consecutive. All that matters is their relative magnitude.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("A PolicyRule aggregates zero or more instances of the PolicyAction class, via the PolicyActionInPolicyRule association. A Rule that aggregates zero Actions is not valid--it may, however, be in the process of being entered into a PolicyRepository or being defined for a System. Alternately, the actions of the policy may be explicit in the definition of the PolicyRule. Note that a PolicyRule should have no effect until it is valid. \n\nThe Actions associated with a PolicyRule may be given a required order, a recommended order, or no order at all. For Actions represented as separate objects, the PolicyActionInPolicyRule aggregation can be used to express an order. \n\nThis aggregation does not indicate whether a specified action order is required, recommended, or of no significance; the property SequencedActions in the aggregating instance of PolicyRule provides this indication.") : Amended ToSubclass,Version("2.6.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_PolicyActionInPolicyRule : CIM_PolicyActionStructure { [key,Description("This property represents the PolicyRule that contains one or more PolicyActions.") : Amended ToSubclass] CIM_PolicyRule Ref GroupComponent; [key,Description("This property holds the name of a PolicyAction contained by one or more PolicyRules.") : Amended ToSubclass] CIM_PolicyAction Ref PartComponent; }; [Description("PolicySet is an abstract class that represents a set of policies that form a coherent set. The set of contained policies has a common decision strategy and a common set of policy roles (defined via the PolicySetInRole Collection association). Subclasses include PolicyGroup and PolicyRule.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_PolicySet : CIM_Policy { [Description("PolicyDecisionStrategy defines the evaluation method used for policies contained in the PolicySet. There are two values currently defined: \n- \\'First Matching\\' (1) executes the actions of the first rule whose conditions evaluate to TRUE. The concept of \\'first\\' is determined by examining the priority of the rule within the policy set (i.e., by examining the property, PolicySetComponent.Priority). Note that this ordering property MUST be maintained when processing the PolicyDecisionStrategy. \n- \\'All\\' (2) executes the actions of ALL rules whose conditions evaluate to TRUE, in the set. As noted above, the order of processing of the rules is defined by the property, PolicySetComponent.Priority (and within a rule, the ordering of the actions is defined by the property, PolicyActionStructure.ActionOrder). Note that when this strategy is defined, processing MUST be completed of ALL rules whose conditions evaluate to TRUE, regardless of errors in the execution of the rule actions.") : Amended ToSubclass,Values{"First Matching", "All"} : Amended ToSubclass] uint16 PolicyDecisionStrategy; [Description("The PolicyRoles property represents the roles associated with a PolicySet. All contained PolicySet instances inherit the values of the PolicyRoles of the aggregating PolicySet but the values are not copied. A contained PolicySet instance may, however, add additional PolicyRoles to those it inherits from its aggregating PolicySet(s). Each value in PolicyRoles multi-valued property represents a role for which the PolicySet applies, i.e., the PolicySet should be used by any enforcement point that assumes any of the listed PolicyRoles values. \n\nAlthough not officially designated as \\'role combinations\\', multiple roles may be specified using the form: \n[&&]* \nwhere the individual role names appear in alphabetical order (according to the collating sequence for UCS-2). Implementations may treat PolicyRoles values that are specified as \\'role combinations\\' as simple strings. \n\nThis property is deprecated in lieu of the use of an association, CIM_PolicySetInRoleCollection. The latter is a more explicit and less error-prone approach to modeling that a PolicySet has one or more PolicyRoles.") : Amended ToSubclass] string PolicyRoles[]; [Description("Indicates whether this PolicySet is administratively enabled, administratively disabled, or enabled for debug. The \"EnabledForDebug\" property value is deprecated and, when it or any value not understood by the receiver is specified, the receiving enforcement point treats the PolicySet as \"Disabled\". To determine if a PolicySet is \"Enabled\", the containment hierarchy specified by the PolicySetComponent aggregation is examined and the Enabled property values of the hierarchy are ANDed together. Thus, for example, everything aggregated by a PolicyGroup may be disabled by setting the Enabled property in the PolicyGroup instance to \"Disabled\" without changing the Enabled property values of any of the aggregated instances. The default value is 1 (\"Enabled\").") : Amended ToSubclass,Values{"Enabled", "Disabled", "Enabled For Debug"} : Amended ToSubclass] uint16 Enabled; }; [Description("The central class used for representing the \\'If Condition then Action\\' semantics of a policy rule. A PolicyRule condition, in the most general sense, is represented as either an ORed set of ANDed conditions (Disjunctive Normal Form, or DNF) or an ANDed set of ORed conditions (Conjunctive Normal Form, or CNF). Individual conditions may either be negated (NOT C) or unnegated (C). The actions specified by a PolicyRule are to be performed if and only if the PolicyRule condition (whether it is represented in DNF or CNF) evaluates to TRUE. \n\nThe conditions and actions associated with a PolicyRule are modeled, respectively, with subclasses of PolicyCondition and PolicyAction. These condition and action objects are tied to instances of PolicyRule by the PolicyConditionInPolicyRule and PolicyActionInPolicyRule aggregations. \n\nA PolicyRule may also be associated with one or more policy time periods, indicating the schedule according to which the policy rule is active and inactive. In this case it is the PolicySetValidityPeriod aggregation that provides this linkage. \n\nThe PolicyRule class uses the property ConditionListType, to indicate whether the conditions for the rule are in DNF (disjunctive normal form), CNF (conjunctive normal form) or, in the case of a rule with no conditions, as an UnconditionalRule. The PolicyConditionInPolicyRule aggregation contains two additional properties to complete the representation of the Rule\\'s conditional expression. The first of these properties is an integer to partition the referenced PolicyConditions into one or more groups, and the second is a Boolean to indicate whether a referenced Condition is negated. An example shows how ConditionListType and these two additional properties provide a unique representation of a set of PolicyConditions in either DNF or CNF. \n\nSuppose we have a PolicyRule that aggregates five PolicyConditions C1 through C5, with the following values in the properties of the five PolicyConditionInPolicyRule associations: \nC1: GroupNumber = 1, ConditionNegated = FALSE \nC2: GroupNumber = 1, ConditionNegated = TRUE \nC3: GroupNumber = 1, ConditionNegated = FALSE \nC4: GroupNumber = 2, ConditionNegated = FALSE \nC5: GroupNumber = 2, ConditionNegated = FALSE \n\nIf ConditionListType = DNF, then the overall condition for the PolicyRule is: \n(C1 AND (NOT C2) AND C3) OR (C4 AND C5) \n\nOn the other hand, if ConditionListType = CNF, then the overall condition for the PolicyRule is: \n(C1 OR (NOT C2) OR C3) AND (C4 OR C5) \n\nIn both cases, there is an unambiguous specification of the overall condition that is tested to determine whether to perform the PolicyActions associated with the PolicyRule. \n\nPolicyRule instances may also be used to aggregate other PolicyRules and/or PolicyGroups. When used in this way to implement nested rules, the conditions of the aggregating rule apply to the subordinate rules as well. However, any side effects of condition evaluation or the execution of actions MUST NOT affect the result of the evaluation of other conditions evaluated by the rule engine in the same evaluation pass. That is, an implementation of a rule engine MAY evaluate all conditions in any order before applying the priority and determining which actions are to be executed.") : Amended ToSubclass,Version("2.7.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_PolicyRule : CIM_PolicySet { [key,Description("The scoping System\\'s CreationClassName.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("The scoping System\\'s Name.") : Amended ToSubclass] string SystemName; [key,Description("CreationClassName indicates the name of the class or the subclass used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified.") : Amended ToSubclass] string CreationClassName; [key,Description("A user-friendly name of this PolicyRule.") : Amended ToSubclass] string PolicyRuleName; [Description("Indicates whether the list of PolicyConditions associated with this PolicyRule is in disjunctive normal form (DNF), conjunctive normal form (CNF), or has no conditions (i.e., is an UnconditionalRule) and is automatically evaluated to \"True.\" The default value is 1 (\"DNF\").") : Amended ToSubclass,Values{"Unconditional Rule", "DNF", "CNF"} : Amended ToSubclass] uint16 ConditionListType; [Description("A free-form string that can be used to provide guidelines on how this PolicyRule should be used.") : Amended ToSubclass] string RuleUsage; [Description("PolicyRule.Priority is deprecated and replaced by providing the priority for a rule (and a group) in the context of the aggregating PolicySet instead of the priority being used for all aggregating PolicySet instances. Thus, the assignment of priority values is much simpler. \n\nA non-negative integer for prioritizing this Policy Rule relative to other Rules. A larger value indicates a higher priority. The default value is 0.") : Amended ToSubclass] uint16 Priority; [Description("A flag indicating that the evaluation of the Policy Conditions and execution of PolicyActions (if the Conditions evaluate to TRUE) is required. The evaluation of a PolicyRule MUST be attempted if the Mandatory property value is TRUE. If the Mandatory property is FALSE, then the evaluation of the Rule is \\'best effort\\' and MAY be ignored.") : Amended ToSubclass] boolean Mandatory; [Description("This property gives a policy administrator a way of specifying how the ordering of the PolicyActions associated with this PolicyRule is to be interpreted. Three values are supported: \no mandatory(1): Do the actions in the indicated order, or don\\'t do them at all. \no recommended(2): Do the actions in the indicated order if you can, but if you can\\'t do them in this order, do them in another order if you can. \no dontCare(3): Do them -- I don\\'t care about the order. \nThe default value is 3 (\"DontCare\").") : Amended ToSubclass,Values{"Mandatory", "Recommended", "Dont Care"} : Amended ToSubclass] uint16 SequencedActions; [Description("ExecutionStrategy defines the strategy to be used in executing the sequenced actions aggregated by this PolicyRule. There are three execution strategies: \n\nDo Until Success - execute actions according to predefined order, until successful execution of a single action. \nDo All - execute ALL actions which are part of the modeled set, according to their predefined order. Continue doing this, even if one or more of the actions fails. \nDo Until Failure - execute actions according to predefined order, until the first failure in execution of an action instance.") : Amended ToSubclass,Values{"Do Until Success", "Do All", "Do Until Failure"} : Amended ToSubclass] uint16 ExecutionStrategy; }; [Description("PolicySetComponent is a concrete aggregation that collects instances of the subclasses of PolicySet (i.e., PolicyGroups and PolicyRules). Instances are collected in sets that use the same decision strategy. They are prioritized relative to each other, within the set, using the Priority property of this aggregation. \n\nTogether, the PolicySet.PolicyDecisionStrategy and PolicySet Component.Priority properties determine the processing for the groups and rules contained in a PolicySet. A larger priority value represents a higher priority. Note that the Priority property MUST have a unique value when compared with others defined for the same aggregating PolicySet. Thus, the evaluation of rules within a set is deterministically specified.") : Amended ToSubclass,Version("2.6.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_PolicySetComponent : CIM_PolicyComponent { [key,Description("A PolicySet that aggregates other PolicySet instances.") : Amended ToSubclass] CIM_PolicySet Ref GroupComponent; [key,Description("A PolicySet aggregated into a PolicySet.") : Amended ToSubclass] CIM_PolicySet Ref PartComponent; [Description("A non-negative integer for prioritizing this PolicySet component relative to other elements of the same PolicySet. A larger value indicates a higher priority. The Priority property MUST have a unique value when compared with others defined for the same aggregating PolicySet.") : Amended ToSubclass] uint16 Priority; }; [Description("SARule is a base class for defining IKE and IPsec Rules. Although concrete (because it subclasses from a concrete class), it is not intended to be instantiated. It defines a common connection point for associating conditions and actions for both types of rules. Note that each valid PolicyGroup containing SARules MUST use a unique priority number for the Rule in the aggregation, PolicySetComponent.Priority.") : Amended ToSubclass,Version("2.8.0") : Amended,AMENDMENT, LOCALE("MS_409")] class CIM_SARule : CIM_PolicyRule { [Description("LimitNegotiation is used as part of processing either a key exchange or IPsec Rule. Before proceeding with either a phase 1 or a phase 2 negotiation, this property is checked to determine if the negotiation role of the Rule matches that defined for the negotiation being undertaken (e.g., Initiator, Responder, or Both). If this check fails, then the negotiation is stopped. Note that this only applies to new negotiations and has no effect on either renegotiation or refresh operations with peers for which an established Security Association already exists.") : Amended ToSubclass,Values{"Initiator-Only", "Responder-Only", "Either"} : Amended ToSubclass] uint16 LimitNegotiation; }; [Description("An AddressFilter matches based on the local or remote address of the traffic.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetAddressFilter : CIM_FilterEntryBase { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] boolean IsNegated; [Description("An array of addresses, subnets, ranges, or some of the following tokens: Any, LocalSubnet, DefaultGateway, DHCP, WINS, DNS, Internet, Intranet, IntranetRemoteAccess, PlayToTargets. The 'Any' keyword may only be used by itself.") : Amended ToSubclass] string RemoteAddress[]; [Description("An array of addresses, subnets, ranges, or some of the following tokens: Any, LocalSubnet, DefaultGateway, DHCP, WINS, DNS, Internet, Intranet, IntranetRemoteAccess, PlayToTargets. The 'Any' keyword may only be used by itself.") : Amended ToSubclass] string LocalAddress[]; [Description("Determines whether the the address is considered intranet or Internet.") : Amended ToSubclass] uint32 QueryIsolationType([In] uint32 InterfaceIndex,[In] string RemoteAddress,[Out] uint32 IsolationType); }; [Description("Filters traffic based on which local application is sending or receiving the traffic.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetApplicationFilter : CIM_FilterEntryBase { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] boolean IsNegated; [Description("Path and filename of the executable whose traffic to filter.") : Amended ToSubclass] string AppPath; [Description("The application package this rule applies to, given as a SID.") : Amended ToSubclass] string Package; }; [Description("Represents an IPsec Rule. Subtypes differentiate between Connection Security Rules (MSFT_NetConSecRule) and Main Mode Rules (MSFT_NetMainModeRule).") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSARule : CIM_SARule { [Description("Specifies which platforms the rule is applicable on. If null, the rule applies to all platforms (the default). Each entry takes the form Major.Minor+, for instance 6.0, 6.1+, or 6.2. If + is specified, then it means that the rule applies to that version or greater. For instance, Windows Vista could be represented as 6 or 6.0, and Windows 7 or later would be represented as 6.1+. + may only be attached to the final item in the list. 6.0+ is not valid because it means the same thing as null (all platforms).") : Amended ToSubclass] string Platforms[]; [Description("The locale-independent name for the group that this rule belongs to. If this field is non-null, then Windows Firewall with Advanced Security assumes that this rule belongs to a Windows component or an installed application, and some parts of the rule are protected (including but not limited to the Name, Description, Program, and Service).") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this rule. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this rule belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("Which profiles this rule is active on.") : Amended ToSubclass,Values{"Any", "Public", "Private", "Domain"} : Amended ToSubclass] uint16 Profiles; [Description("The InstanceID of the MainModeCryptoSet to use for Main Mode.") : Amended ToSubclass] string MainModeCryptoSet; [Description("The InstanceID of the QuickModeCryptoSet to use for Quick Mode.") : Amended ToSubclass] string QuickModeCryptoSet; [Description("The InstanceID of the Phase1AuthenticationSet to use for Phase 1 auth.") : Amended ToSubclass] string Phase1AuthSet; [Description("The InstanceID of the Phase2AuthenticationSet to use for Phase 2 auth.") : Amended ToSubclass] string Phase2AuthSet; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; }; [Description("A Connection Security Rule.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRule : MSFT_NetSARule { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("The Caption property is a short textual description (one- line string) of the object.") : Amended ToSubclass] string Caption; [Description("A brief description of the rule. May be an indirect string. If it is an indirect string, then it may not be overwritten.") : Amended ToSubclass] string Description; [Description("The locale-independent name of the rule. May be an indirect string.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] string CommonName; [Description("This field is ignored.") : Amended ToSubclass] string PolicyKeywords[]; [Description("This field is ignored.") : Amended ToSubclass,Values{"First Matching", "All"} : Amended ToSubclass] uint16 PolicyDecisionStrategy; [Description("This field is ignored.") : Amended ToSubclass] string PolicyRoles[]; [Description("Indicates whether this rule is administratively enabled or disabled.") : Amended ToSubclass,Values{"Enabled", "Disabled"} : Amended ToSubclass] uint16 Enabled; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleName; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unconditional Rule", "DNF", "CNF"} : Amended ToSubclass] uint16 ConditionListType; [Description("This field is ignored.") : Amended ToSubclass] string RuleUsage; [Description("This field is ignored.") : Amended ToSubclass] uint16 Priority; [Description("This field is ignored.") : Amended ToSubclass] boolean Mandatory; [Description("This field is ignored.") : Amended ToSubclass,Values{"Mandatory", "Recommended", "Dont Care"} : Amended ToSubclass] uint16 SequencedActions; [Description("This field is ignored.") : Amended ToSubclass,Values{"Do Until Success", "Do All", "Do Until Failure"} : Amended ToSubclass] uint16 ExecutionStrategy; [Description("Specifies which platforms the rule is applicable on. If null, the rule applies to all platforms (the default). Each entry takes the form Major.Minor+, for instance 6.0, 6.1+, or 6.2. If + is specified, then it means that the rule applies to that version or greater. For instance, Windows Vista could be represented as 6 or 6.0, and Windows 7 or later would be represented as 6.1+. + may only be attached to the final item in the list. 6.0+ is not valid because it means the same thing as null (all platforms).") : Amended ToSubclass] string Platforms[]; [Description("The locale-independent name for the group that this rule belongs to. If this field is non-null, then Windows Firewall with Advanced Security assumes that this rule belongs to a Windows component or an installed application, and some parts of the rule are protected (including but not limited to the Name, Description, Program, and Service).") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this rule. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this rule belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("Which profiles this rule is active on.") : Amended ToSubclass,Values{"Any", "Public", "Private", "Domain"} : Amended ToSubclass] uint16 Profiles; [Description("The InstanceID of the MainModeCryptoSet to use for Main Mode.") : Amended ToSubclass] string MainModeCryptoSet; [Description("The InstanceID of the QuickModeCryptoSet to use for Quick Mode.") : Amended ToSubclass] string QuickModeCryptoSet; [Description("The InstanceID of the Phase1AuthenticationSet to use for Phase 1 auth.") : Amended ToSubclass] string Phase1AuthSet; [Description("The InstanceID of the Phase2AuthenticationSet to use for Phase 2 auth.") : Amended ToSubclass] string Phase2AuthSet; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; [Description("The IPsec Encapsulation Mode that should be used.") : Amended ToSubclass,Values{"Transport Mode", "Tunnel Mode"} : Amended ToSubclass] uint16 Mode; [Description("Whether to allow Trusted Intermediaries to set the key of SA's created by this rule.") : Amended ToSubclass] boolean AllowSetKey; [Description("Whether to allow Trusted Intermediaries to be notified when the encryption keys for this SA change.") : Amended ToSubclass] boolean AllowWatchKey; [Description("The maximum lifetime, in seconds, for SA's created by this rule across the forwarding path.") : Amended ToSubclass] uint32 MaxReturnPathLifetimeSeconds; [Description("Determines how aggressively to enforce security on inbound traffic.") : Amended ToSubclass,Values{"Never", "Request", "Require"} : Amended ToSubclass] uint16 InboundSecurity; [Description("Determines how aggressively to enforce security on outbound traffic.") : Amended ToSubclass,Values{"Never", "Request", "Require"} : Amended ToSubclass] uint16 OutboundSecurity; [Description("Which keying modules to use.") : Amended ToSubclass,Values{"IKEv1", "IKEv2", "AuthIP"} : Amended ToSubclass] uint16 KeyModule; [Description("Require authorization for endpoints. The authorization list is part of the IPsec Globals.") : Amended ToSubclass] boolean RequireAuthorization; [Description("Authorized users for transport mode, specified as an SDDL string.") : Amended ToSubclass] string Users; [Description("Authorized machines for transport mode, specified as an SDDL string.") : Amended ToSubclass] string Machines; [Description("The local tunnel endpoint address.") : Amended ToSubclass] string LocalTunnelEndpoint[]; [Description("A Fully-Qualified Domain Name that resolves to a list of allowed Remote Endpoints. If present, the value in RemoteEndpoint will be used initially, but will be replaced with all the IP addresses that this name resolves to.") : Amended ToSubclass] string RemoteTunnelEndpointDNSName; [Description("The remote tunnel endpoint(s).") : Amended ToSubclass] string RemoteTunnelEndpoint[]; [Description("Allow traffic that is already encrypted to bypass the tunnel.") : Amended ToSubclass] boolean BypassTunnelIfEncrypted; [Description("Synchronize IPsec policy") : Amended ToSubclass] uint32 SyncPolicyDelta([In,Description("Servers") : Amended ToSubclass] string Servers[],[In,Description("Domains") : Amended ToSubclass] string Domains[],[In,Description("Endpoint type") : Amended ToSubclass,Values{"Endpoint1", "Endpoint2"} : Amended ToSubclass] uint16 EndpointType,[In,Description("Types of addresses") : Amended ToSubclass,Values{"IPv4", "IPv6"} : Amended ToSubclass] uint16 AddressType,[In,Description("Servers to perform name resolution against") : Amended ToSubclass] string DnsServers[],[Out,Description("Delta collection") : Amended ToSubclass] MSFT_NetSecDeltaCollection Output[]); [Description("Apply IPsec policy deltas") : Amended ToSubclass] uint32 SetPolicyDelta([Description("Action") : Amended ToSubclass,Values{"Add", "Delete"} : Amended ToSubclass,in] uint16 Action,[In,Description("IPv6 Addresses") : Amended ToSubclass] string IPv6Addresses[],[In,Description("IPv4 Addresses") : Amended ToSubclass] string IPv4Addresses[],[Description("Endpoint type") : Amended ToSubclass,Values{"Endpoint1", "Endpoint2"} : Amended ToSubclass,in] uint16 EndpointType,[In,Description("PassThru") : Amended ToSubclass] boolean PassThru,[Out,Description("Output NetConSecRule") : Amended ToSubclass] MSFT_NetConSecRule Output[]); [Description("Enumerate all parts of all rules") : Amended ToSubclass] uint32 EnumerateFull([Out] CIM_ManagedSystemElement Dependents[]); [Description("Finds the rules that will be used to secure the specified traffic.") : Amended ToSubclass] uint32 Find([In] string LocalAddress,[In] string RemoteAddress,[In] string Protocol,[In] uint16 LocalPort,[In] uint16 RemotePort,[Out] MSFT_NetConSecRule CmdletOutput[]); [Description("Enable this rule.") : Amended ToSubclass] uint32 Enable(); [Description("Disable this rule.") : Amended ToSubclass] uint32 Disable(); [Description("Rename this rule.") : Amended ToSubclass] uint32 Rename([In,Description("The new name for the rule.") : Amended ToSubclass] string NewName); [Description("Copy this rule.") : Amended ToSubclass] uint32 CloneObject([In,Description("The new name for the rule.") : Amended ToSubclass] string NewName,[In,Description("The new policy store for the rule.") : Amended ToSubclass] string NewPolicyStore,[In,Description("The new GPOSession for the rule.") : Amended ToSubclass] string NewGPOSession); }; [Description("Links an IPsec rule to its auth and crypto sets.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSAActionInSARule : CIM_PolicyActionInPolicyRule { [key,Description("The IPsec rule.") : Amended ToSubclass] CIM_SARule Ref GroupComponent; [key,Description("The auth/crypto sets.") : Amended ToSubclass] CIM_SAAction Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Relates an IPsec rule to its Phase 2 Authentication Set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSARuleEMAuth : MSFT_NetSAActionInSARule { [key,Description("The IPsec rule.") : Amended ToSubclass] CIM_SARule Ref GroupComponent; [key,Description("The Phase 2 Authentication Set used by the rule.") : Amended ToSubclass] MSFT_NetIKEP2AuthSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Relates a connection security rule to its Phase 2 Authentication Set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleEMAuthSet : MSFT_NetSARuleEMAuth { [key,Description("The connection security rule.") : Amended ToSubclass] MSFT_NetConSecRule Ref GroupComponent; [key,Description("The Phase 2 Authentication Set used by the rule.") : Amended ToSubclass] MSFT_NetIKEP2AuthSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Associates a policy rule to its filters.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetPolicyRuleFilters : CIM_Component { [key,Description("The rule.") : Amended ToSubclass] CIM_PolicyRule Ref GroupComponent; [key,Description("The filters associated with the rule.") : Amended ToSubclass] CIM_FilterEntryBase Ref PartComponent; }; [Description("Associates a connection security rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleFilters : MSFT_NetPolicyRuleFilters { [key,Description("The connection security rule being filtered.") : Amended ToSubclass] MSFT_NetConSecRule Ref GroupComponent; }; [Description("Associates a connection security rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleFilterByAddress : MSFT_NetConSecRuleFilters { [key,Description("The connection security rule being filtered.") : Amended ToSubclass] MSFT_NetConSecRule Ref GroupComponent; [key,Description("The address filter applied to the rule.") : Amended ToSubclass] MSFT_NetAddressFilter Ref PartComponent; }; [Description("Associates a connection security rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleFilterByInterface : MSFT_NetConSecRuleFilters { [key,Description("The connection security rule being filtered.") : Amended ToSubclass] MSFT_NetConSecRule Ref GroupComponent; [key,Description("The interface filter applied to the rule.") : Amended ToSubclass] MSFT_NetInterfaceFilter Ref PartComponent; }; [Description("Associates a connection security rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleFilterByInterfaceType : MSFT_NetConSecRuleFilters { [key,Description("The connection security rule being filtered.") : Amended ToSubclass] MSFT_NetConSecRule Ref GroupComponent; [key,Description("The interface type filter applied to the rule.") : Amended ToSubclass] MSFT_NetInterfaceTypeFilter Ref PartComponent; }; [Description("Associates a connection security rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleFilterByProtocolPort : MSFT_NetConSecRuleFilters { [key,Description("The connection security rule being filtered.") : Amended ToSubclass] MSFT_NetConSecRule Ref GroupComponent; [key,Description("The protocol/port filter applied to the rule.") : Amended ToSubclass] MSFT_NetProtocolPortFilter Ref PartComponent; }; [Description("Indicates that a rule applies to a particular firewall profile.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetRuleInProfile : CIM_PolicySetComponent { [key,Description("The firewall profile.") : Amended ToSubclass] MSFT_NetFirewallProfile Ref GroupComponent; [key,Description("The policy rule within the profile.") : Amended ToSubclass] CIM_PolicyRule Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 Priority; }; [Description("Indicates that a rule applies to a particular firewall profile.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleInProfile : MSFT_NetRuleInProfile { [key,Description("The firewall profile.") : Amended ToSubclass] MSFT_NetFirewallProfile Ref GroupComponent; [key,Description("The connection security rule.") : Amended ToSubclass] MSFT_NetConSecRule Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 Priority; }; [Description("Relates an IPsec rule to its Phase 1 Authentication Set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSARuleMMAuth : MSFT_NetSAActionInSARule { [key,Description("The IPsec rule.") : Amended ToSubclass] CIM_SARule Ref GroupComponent; [key,Description("The Phase 1 Authentication Set used by the rule.") : Amended ToSubclass] MSFT_NetIKEP1AuthSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Relates an IPsec rule to its Phase 1 Authentication Set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleMMAuthSet : MSFT_NetSARuleMMAuth { [key,Description("The connection security rule.") : Amended ToSubclass] MSFT_NetConSecRule Ref GroupComponent; [key,Description("The Phase 1 Authentication Set used by the rule.") : Amended ToSubclass] MSFT_NetIKEP1AuthSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Relates an IPsec rule to its Quick Mode crypto set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSARuleQMCrypto : MSFT_NetSAActionInSARule { [key,Description("The IPsec rule.") : Amended ToSubclass] CIM_SARule Ref GroupComponent; [key,Description("The Quick Mode crypto set used by this rule.") : Amended ToSubclass] MSFT_NetIKEQMCryptoSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Relates a connection security rule to its Quick Mode Crypto Set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetConSecRuleQMCryptoSet : MSFT_NetSARuleQMCrypto { [key,Description("The connection security rule.") : Amended ToSubclass] MSFT_NetConSecRule Ref GroupComponent; [key,Description("The Quick Mode crypto set used by this rule.") : Amended ToSubclass] MSFT_NetIKEQMCryptoSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Represents a particular firewall profile. Multiple profiles may be in effect on any interface at any given time.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallProfile : CIM_ManagedElement { [Description("Reserved for internal use by the WMI provider only") : Amended ToSubclass,key] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("The name of the profile.") : Amended ToSubclass] string Name; [Description("Whether the firewall is enabled on this profile.") : Amended ToSubclass] uint16 Enabled; [Description("The default action for Inbound traffic.") : Amended ToSubclass] uint16 DefaultInboundAction; [Description("The default action for outbound traffic.") : Amended ToSubclass] uint16 DefaultOutboundAction; [Description("If this is true, administrators will be able to create firewall rules which allow unsolicited inbound traffic to be accepted. If this is false, such rules will be ignored.") : Amended ToSubclass] uint16 AllowInboundRules; [Description("Determines whether local firewall rules should be merged into the effective policy along with Group Policy settings.") : Amended ToSubclass] uint16 AllowLocalFirewallRules; [Description("Determines whether local IPsec rules should be merged into the effective policy along with rules from Group Policy.") : Amended ToSubclass] uint16 AllowLocalIPsecRules; [Description("Whether to respect user allowed applications created in the legacy Windows XP firewall.") : Amended ToSubclass] uint16 AllowUserApps; [Description("Whether to respect globally opened ports created in the legacy Windows XP firewall.") : Amended ToSubclass] uint16 AllowUserPorts; [Description("Whether to allow unicast responses to multicast traffic.") : Amended ToSubclass] uint16 AllowUnicastResponseToMulticast; [Description("If true, users will be notified when an application listens on a port that is closed.") : Amended ToSubclass] uint16 NotifyOnListen; [Description("The filename in which to store the firewall log.") : Amended ToSubclass] string LogFileName; [Description("Maximum size the log file can reach before being rotated. May be a uint32 value, or MAXUINT64 for Not Configured.") : Amended ToSubclass] uint64 LogMaxSizeKilobytes; [Description("Whether to log allowed packets.") : Amended ToSubclass] uint16 LogAllowed; [Description("Whether to log blocked traffic.") : Amended ToSubclass] uint16 LogBlocked; [Description("Whether to log an event when rules are ignored.") : Amended ToSubclass] uint16 LogIgnored; [Description("Interfaces that the firewall profile is disabled on.") : Amended ToSubclass] string DisabledInterfaceAliases[]; [Description("Whether to use Stealth Mode for IPsec-protected traffic.") : Amended ToSubclass] uint16 EnableStealthModeForIPsec; }; [Description("Represents a Windows firewall rule.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRule : CIM_PolicyRule { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("The Caption property is a short textual description (one- line string) of the object.") : Amended ToSubclass] string Caption; [Description("A brief description of the rule. May be an indirect string. If it is an indirect string, then it may not be overwritten.") : Amended ToSubclass] string Description; [Description("The locale-independent name of the rule. May be an indirect string.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] string CommonName; [Description("This field is ignored.") : Amended ToSubclass] string PolicyKeywords[]; [Description("This field is ignored.") : Amended ToSubclass,Values{"First Matching", "All"} : Amended ToSubclass] uint16 PolicyDecisionStrategy; [Description("This field is ignored.") : Amended ToSubclass] string PolicyRoles[]; [Description("Indicates whether this rule is administratively enabled or disabled.") : Amended ToSubclass,Values{"Enabled", "Disabled"} : Amended ToSubclass] uint16 Enabled; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleName; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unconditional Rule", "DNF", "CNF"} : Amended ToSubclass] uint16 ConditionListType; [Description("This field is ignored.") : Amended ToSubclass] string RuleUsage; [Description("This field is ignored.") : Amended ToSubclass] uint16 Priority; [Description("This field is ignored.") : Amended ToSubclass] boolean Mandatory; [Description("This field is ignored.") : Amended ToSubclass,Values{"Mandatory", "Recommended", "Dont Care"} : Amended ToSubclass] uint16 SequencedActions; [Description("This field is ignored.") : Amended ToSubclass,Values{"Do Until Success", "Do All", "Do Until Failure"} : Amended ToSubclass] uint16 ExecutionStrategy; [Description("Which profiles this rule is active on.") : Amended ToSubclass,Values{"Any", "Public", "Private", "Domain"} : Amended ToSubclass] uint16 Profiles; [Description("Whether to group UDP packets into conversations based upon the local address, local port, and remote port. Applies only to UDP.") : Amended ToSubclass] boolean LooseSourceMapping; [Description("Whether to group UDP packets into conversations based only upon the local address and port. Applies only to UDP.") : Amended ToSubclass] boolean LocalOnlyMapping; [Description("The locale-independent name for the group that this rule belongs to. If this field is non-null, then Windows Firewall with Advanced Security assumes that this rule belongs to a Windows component or an installed application, and some parts of the rule are protected (including but not limited to the Name, Description, Program, and Service).") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this rule. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this rule belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("Specifies how this firewall rule will handle edge traversal cases.") : Amended ToSubclass,Values{"Block", "Allow", "Defer to User", "Defer to App"} : Amended ToSubclass] uint16 EdgeTraversalPolicy; [Description("Specifies which platforms the rule is applicable on. If null, the rule applies to all platforms (the default). Each entry takes the form Major.Minor+, for instance 6.0, 6.1+, or 6.2. If + is specified, then it means that the rule applies to that version or greater. For instance, Windows Vista could be represented as 6 or 6.0, and Windows 7 or later would be represented as 6.1+. + may only be attached to the final item in the list. 6.0+ is not valid because it means the same thing as null (all platforms).") : Amended ToSubclass] string Platforms[]; [Description("Specifies which direction of traffic to match with this rule.") : Amended ToSubclass,Values{"Inbound", "Outbound"} : Amended ToSubclass] uint16 Direction; [Description("Specifies the action to take on traffic that matches this rule.") : Amended ToSubclass,Values{"Allow", "AllowBypass", "Block"} : Amended ToSubclass] uint16 Action; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; [Description("The owner of the firewall rule, as a SID.") : Amended ToSubclass] string Owner; [Description("Enable this rule.") : Amended ToSubclass] uint32 Enable(); [Description("Disable this rule.") : Amended ToSubclass] uint32 Disable(); [Description("Rename this rule.") : Amended ToSubclass] uint32 Rename([In,Description("The new name for the rule.") : Amended ToSubclass] string NewName); [Description("Copy this rule.") : Amended ToSubclass] uint32 CloneObject([In,Description("The new name for the rule.") : Amended ToSubclass] string NewName,[In,Description("The new policy store for the rule.") : Amended ToSubclass] string NewPolicyStore,[In,Description("The new GPOSession for the rule.") : Amended ToSubclass] string NewGPOSession); [Description("Desc") : Amended ToSubclass] uint32 EnumerateFull([Out] CIM_ManagedSystemElement Dependents[]); }; [Description("Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleFilters : MSFT_NetPolicyRuleFilters { [key,Description("The firewall rule.") : Amended ToSubclass] MSFT_NetFirewallRule Ref GroupComponent; }; [Description("Associates a FirewallRule to its AddressFilter.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleFilterByAddress : MSFT_NetFirewallRuleFilters { [key,Description("The firewall rule.") : Amended ToSubclass] MSFT_NetFirewallRule Ref GroupComponent; [key,Description("The address filter applied to the rule.") : Amended ToSubclass] MSFT_NetAddressFilter Ref PartComponent; }; [Description("Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleFilterByApplication : MSFT_NetFirewallRuleFilters { [key,Description("The firewall rule.") : Amended ToSubclass] MSFT_NetFirewallRule Ref GroupComponent; [key,Description("The application filter applied to the rule.") : Amended ToSubclass] MSFT_NetApplicationFilter Ref PartComponent; }; [Description("Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleFilterByInterface : MSFT_NetFirewallRuleFilters { [key,Description("The firewall rule.") : Amended ToSubclass] MSFT_NetFirewallRule Ref GroupComponent; [key,Description("The interface filter applied to the rule.") : Amended ToSubclass] MSFT_NetInterfaceFilter Ref PartComponent; }; [Description("Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleFilterByInterfaceType : MSFT_NetFirewallRuleFilters { [key,Description("The firewall rule.") : Amended ToSubclass] MSFT_NetFirewallRule Ref GroupComponent; [key,Description("The interface type filter applied to the rule.") : Amended ToSubclass] MSFT_NetInterfaceTypeFilter Ref PartComponent; }; [Description("Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleFilterByProtocolPort : MSFT_NetFirewallRuleFilters { [key,Description("The firewall rule.") : Amended ToSubclass] MSFT_NetFirewallRule Ref GroupComponent; [key,Description("The protocol/port filter applied to the rule.") : Amended ToSubclass] MSFT_NetProtocolPortFilter Ref PartComponent; }; [Description("Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleFilterBySecurity : MSFT_NetFirewallRuleFilters { [key,Description("The firewall rule.") : Amended ToSubclass] MSFT_NetFirewallRule Ref GroupComponent; [key,Description("The security filter applied to the rule.") : Amended ToSubclass] MSFT_NetNetworkLayerSecurityFilter Ref PartComponent; }; [Description("Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleFilterByService : MSFT_NetFirewallRuleFilters { [key,Description("The firewall rule.") : Amended ToSubclass] MSFT_NetFirewallRule Ref GroupComponent; [key,Description("The service filter applied to the rule.") : Amended ToSubclass] MSFT_NetServiceFilter Ref PartComponent; }; [Description("Associates a firewall rule with a profile that it is in.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetFirewallRuleInProfile : MSFT_NetRuleInProfile { [key,Description("The firewall profile.") : Amended ToSubclass] MSFT_NetFirewallProfile Ref GroupComponent; [key,Description("The firewall profile.") : Amended ToSubclass] MSFT_NetFirewallRule Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 Priority; }; [Description("This class does not have any instances. It is used to manage locally-cached Group Policy Objects.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetGPO : CIM_SettingData { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass,key] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("Read a GPO, and cache results locally") : Amended ToSubclass] uint32 Open([In] string PolicyStore,[In] string DomainController,[Out,Description("Output GPO Session identifier") : Amended ToSubclass] string GPOSession); [Description("Write the local cached GPO info back to AD") : Amended ToSubclass] uint32 Save([In] string GPOSession); }; [Description("Represents an auth proposal.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEAuthProposal : CIM_IKEProposal { }; [Description("A list of auth suites, in preferential order, to use when negotiating an SA.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEAuthSet : CIM_IKEAction { [Description("The locale-independent name for the group that this set belongs to.") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this set. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this set belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("The proposals within this set, in order of preference.") : Amended ToSubclass] MSFT_NetIKEAuthProposal Proposals[]; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; }; [Description("Represents an auth proposal. Instances of this class only exist as embedded instances within a MSFT_NetIKEP1AuthSet and MSFT_NetIKEP2AuthSet.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEBasicAuthProposal : MSFT_NetIKEAuthProposal { [Description("This field is ignored.") : Amended ToSubclass,key] string InstanceID; [Description("This field is ignored.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MaxLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MaxLifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "DES", "IDEA", "Blowfish", "RC5", "3DES", "CAST", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "MD5", "SHA-1", "Tiger", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("Specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod.") : Amended ToSubclass,Values{"Pre-shared Key", "Anonymous", "Kerberos (machine as principal)", "NTLM (machine as principal)", "Kerberos (user as principal)", "NTLM (user as principal)", "X.509 Certificates (machine as principal)", "X.509 Certificates (user as principal)", "X.509 Certificates (machine health)"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 GroupId; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; }; [Description("Represents an auth proposal that uses certificates to authenticate the remote peer. Instances of this class only exist as embedded instances within a MSFT_NetIKEP1AuthSet and MSFT_NetIKEP2AuthSet.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKECertAuthProposal : MSFT_NetIKEAuthProposal { [Description("This field is ignored.") : Amended ToSubclass,key] string InstanceID; [Description("This field is ignored.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MaxLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MaxLifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "DES", "IDEA", "Blowfish", "RC5", "3DES", "CAST", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "MD5", "SHA-1", "Tiger", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("Specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod.") : Amended ToSubclass,Values{"Pre-shared Key", "Anonymous", "Kerberos (machine as principal)", "NTLM (machine as principal)", "Kerberos (user as principal)", "NTLM (user as principal)", "X.509 Certificates (machine as principal)", "X.509 Certificates (user as principal)", "X.509 Certificates (machine health)"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 GroupId; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("Only certs issued by this CA should be allowed.") : Amended ToSubclass] string TrustedCA; [Description("Indicates whether to accept certificates only from the root TrustedCA, or to also accept certificates from Intermediate CA's which are children of the TrustedCA.") : Amended ToSubclass,Values{"Root CA", "Intermediate CA"} : Amended ToSubclass] uint16 TrustedCAType; [Description("If this flag is set, certificate authority names are excluded. This flag MUST be set only on first authentications.") : Amended ToSubclass] boolean ExcludeCAName; [Description("If this flag is set, Windows will attempt to map certificates to domain accounts.") : Amended ToSubclass] boolean MapToAccount; [Description("Specifies the certificate signing algorithm to use.") : Amended ToSubclass,Values{"RSA", "256-bit Elliptic-Curve DSA", "384-bit Elliptic-Curve DSA"} : Amended ToSubclass] uint16 SigningAlgorithm; [Description("The name that should be on the certificate.") : Amended ToSubclass] string CertName; [Description("The type of name used in CertName.") : Amended ToSubclass,Values{"None", "DNS", "UPN", "RFC822", "CN", "OU", "O", "DC"} : Amended ToSubclass] uint16 CertNameType; [Description("The EKU's to accept.") : Amended ToSubclass] string EKUs[]; [Description("The thumbprint to accept.") : Amended ToSubclass] string Thumbprint; [Description("Whether to follow certificate renewal.") : Amended ToSubclass] boolean FollowRenewal; [Description("Whether the cert criteria (CertName, EKUs, Thumbprint) should be used when choosing which certificates to offer.") : Amended ToSubclass] boolean SelectionCriteria; [Description("Whether the cert criteria (CertName, EKUs, Thumbprint) should be used for validating the certificates presented.") : Amended ToSubclass] boolean ValidationCriteria; }; [Description("Represents a suite of crypto algorithms to propose.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKECryptoProposal : CIM_IKEProposal { }; [Description("A list of crypto suites, in preferential order, to use when negotiating an SA.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKECryptoSet : CIM_IKEAction { [Description("The locale-independent name for the group that this set belongs to.") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this set. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this set belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("The proposals within this set, in order of preference.") : Amended ToSubclass] MSFT_NetIKECryptoProposal Proposals[]; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; }; [Description("Represents an auth proposal for Kerberos.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEKerbAuthProposal : MSFT_NetIKEAuthProposal { [Description("This field is ignored.") : Amended ToSubclass,key] string InstanceID; [Description("This field is ignored.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MaxLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MaxLifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "DES", "IDEA", "Blowfish", "RC5", "3DES", "CAST", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "MD5", "SHA-1", "Tiger", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("Specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod.") : Amended ToSubclass,Values{"Pre-shared Key", "Anonymous", "Kerberos (machine as principal)", "NTLM (machine as principal)", "Kerberos (user as principal)", "NTLM (user as principal)", "X.509 Certificates (machine as principal)", "X.509 Certificates (user as principal)", "X.509 Certificates (machine health)"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 GroupId; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("The Kerberos proxy server to use when authenticating remotely.") : Amended ToSubclass] string KerbProxy; }; [Description("Represents a crypto suite to propose in main mode.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEMMCryptoProposal : MSFT_NetIKECryptoProposal { [Description("This field is ignored.") : Amended ToSubclass,key] string InstanceID; [Description("This field is ignored.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MaxLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MaxLifetimeKilobytes; [Description("Specifies the proposed encryption algorithm.") : Amended ToSubclass,Values{"None", "DES", "3DES", "AES-128", "AES-192", "AES-256", "AES-GCM-128", "AES-GCM-192", "AES-GCM-256"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("Specifies the proposed hash algorithm.") : Amended ToSubclass,Values{"None", "MD5", "SHA-1", "SHA-256", "SHA-384", "AES-GMAC-128", "AES-GMAC-192", "AES-GMAC-256"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("Specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod.") : Amended ToSubclass,Values{"Pre-shared Key", "Anonymous", "Kerberos (machine as principal)", "NTLM (machine as principal)", "Kerberos (user as principal)", "NTLM (user as principal)", "X.509 Certificates (machine as principal)", "X.509 Certificates (user as principal)", "X.509 Certificates (machine health)"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("The property GroupId specifies the proposed phase 1 security association key exchange group. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve Group with 155 bit field element', Group 4= 'Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'. Note that only groups 1, 2, 14, 19, 20, and 24 are acceptable in Windows 8.") : Amended ToSubclass,Values{"None", "DH Group 1", "DH Group 2", "DH Group 14", "DH Group 19", "DH Group 20", "DH Group 24"} : Amended ToSubclass] uint16 GroupId; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; }; [Description("For a Main Mode or Connection Security rule, sets parameters for the main mode negotiation and describes the crypto proposals that should be negotiated.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEMMCryptoSet : MSFT_NetIKECryptoSet { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("The Caption property is a short textual description (one- line string) of the object.") : Amended ToSubclass] string Caption; [Description("A brief description of the set. May be an indirect string. If it is an indirect string, then it may not be overwritten.") : Amended ToSubclass] string Description; [Description("The locale-independent name of the set. May be an indirect string.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] string CommonName; [Description("This field is ignored.") : Amended ToSubclass] string PolicyKeywords[]; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyActionName; [Description("This field is ignored.") : Amended ToSubclass] boolean DoActionLogging; [Description("This field is ignored.") : Amended ToSubclass] boolean DoPacketLogging; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MinLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 IdleDurationSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MinLifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Values{"Base", "Main", "Aggressive"} : Amended ToSubclass] uint16 ExchangeMode; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "IPV4 Address", "FQDN", "User FQDN", "IPV4 Subnet Address", "IPV6 Address", "IPV6 Subnet Address", "IPV4 Address Range", "IPV6 Address Range", "DER ASN1 DN", "DER ASN1 GN", "KEY ID", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 UseIKEIdentityType; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 AggressiveModeGroupID; [Description("The locale-independent name for the group that this set belongs to.") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this set. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this set belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("The proposals within this set, in order of preference.") : Amended ToSubclass] MSFT_NetIKECryptoProposal Proposals[]; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; [Description("Require use of Diffie-Hellman for enhanced security.") : Amended ToSubclass] boolean ForceDiffieHellman; [Description("The maximum number of QM SA's that may be established using this MMSA before it must be re-established.") : Amended ToSubclass] uint32 MaxLifetimeSessions; [Description("The maximum amount of time that can elapse before this MMSA must be re-established.") : Amended ToSubclass] uint32 MaxLifetimeMinutes; [Description("Rename this set.") : Amended ToSubclass] uint32 Rename([In,Description("The new name for the set.") : Amended ToSubclass] string NewName); [Description("Copy this set.") : Amended ToSubclass] uint32 CloneObject([In,Description("The new name for the set.") : Amended ToSubclass] string NewName,[In,Description("The new ID for the set.") : Amended ToSubclass] string NewID,[In,Description("The new policy store for the set.") : Amended ToSubclass] string NewPolicyStore,[In,Description("The new GPOSession for the set.") : Amended ToSubclass] string NewGPOSession); }; [Description("A set of authentication proposals used in Phase 1 of authentication.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEP1AuthSet : MSFT_NetIKEAuthSet { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("The Caption property is a short textual description (one- line string) of the object.") : Amended ToSubclass] string Caption; [Description("A brief description of the set. May be an indirect string. If it is an indirect string, then it may not be overwritten.") : Amended ToSubclass] string Description; [Description("The locale-independent name of the set. May be an indirect string.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] string CommonName; [Description("This field is ignored.") : Amended ToSubclass] string PolicyKeywords[]; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyActionName; [Description("This field is ignored.") : Amended ToSubclass] boolean DoActionLogging; [Description("This field is ignored.") : Amended ToSubclass] boolean DoPacketLogging; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MinLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 IdleDurationSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MinLifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Values{"Base", "Main", "Aggressive"} : Amended ToSubclass] uint16 ExchangeMode; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "IPV4 Address", "FQDN", "User FQDN", "IPV4 Subnet Address", "IPV6 Address", "IPV6 Subnet Address", "IPV4 Address Range", "IPV6 Address Range", "DER ASN1 DN", "DER ASN1 GN", "KEY ID", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 UseIKEIdentityType; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 AggressiveModeGroupID; [Description("The locale-independent name for the group that this set belongs to.") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this set. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this set belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("The proposals within this set, in order of preference.") : Amended ToSubclass] MSFT_NetIKEAuthProposal Proposals[]; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; [Description("Rename this set.") : Amended ToSubclass] uint32 Rename([In,Description("The new name for the set.") : Amended ToSubclass] string NewName); [Description("Copy this set.") : Amended ToSubclass] uint32 CloneObject([In,Description("The new name for the set.") : Amended ToSubclass] string NewName,[In,Description("The new ID for the set.") : Amended ToSubclass] string NewID,[In,Description("The new policy store for the set.") : Amended ToSubclass] string NewPolicyStore,[In,Description("The new GPOSession for the set.") : Amended ToSubclass] string NewGPOSession); }; [Description("A set of authentication proposals that can be used in Phase 2 of authentication.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEP2AuthSet : MSFT_NetIKEAuthSet { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("The Caption property is a short textual description (one- line string) of the object.") : Amended ToSubclass] string Caption; [Description("A brief description of the set. May be an indirect string. If it is an indirect string, then it may not be overwritten.") : Amended ToSubclass] string Description; [Description("The locale-independent name of the set. May be an indirect string.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] string CommonName; [Description("This field is ignored.") : Amended ToSubclass] string PolicyKeywords[]; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyActionName; [Description("This field is ignored.") : Amended ToSubclass] boolean DoActionLogging; [Description("This field is ignored.") : Amended ToSubclass] boolean DoPacketLogging; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MinLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 IdleDurationSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MinLifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Values{"Base", "Main", "Aggressive"} : Amended ToSubclass] uint16 ExchangeMode; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "IPV4 Address", "FQDN", "User FQDN", "IPV4 Subnet Address", "IPV6 Address", "IPV6 Subnet Address", "IPV4 Address Range", "IPV6 Address Range", "DER ASN1 DN", "DER ASN1 GN", "KEY ID", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 UseIKEIdentityType; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 AggressiveModeGroupID; [Description("The locale-independent name for the group that this set belongs to.") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this set. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this set belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("The proposals within this set, in order of preference.") : Amended ToSubclass] MSFT_NetIKEAuthProposal Proposals[]; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; [Description("Rename this set.") : Amended ToSubclass] uint32 Rename([In,Description("The new name for the set.") : Amended ToSubclass] string NewName); [Description("Copy this set.") : Amended ToSubclass] uint32 CloneObject([In,Description("The new name for the set.") : Amended ToSubclass] string NewName,[In,Description("The new ID for the set.") : Amended ToSubclass] string NewID,[In,Description("The new policy store for the set.") : Amended ToSubclass] string NewPolicyStore,[In,Description("The new GPOSession for the set.") : Amended ToSubclass] string NewGPOSession); }; [Description("A Pre-shared Key authentication proposal.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEPSKAuthProposal : MSFT_NetIKEAuthProposal { [Description("This field is ignored.") : Amended ToSubclass,key] string InstanceID; [Description("This field is ignored.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MaxLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MaxLifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "DES", "IDEA", "Blowfish", "RC5", "3DES", "CAST", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "MD5", "SHA-1", "Tiger", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("Specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod.") : Amended ToSubclass,Values{"Pre-shared Key", "Anonymous", "Kerberos (machine as principal)", "NTLM (machine as principal)", "Kerberos (user as principal)", "NTLM (user as principal)", "X.509 Certificates (machine as principal)", "X.509 Certificates (user as principal)", "X.509 Certificates (machine health)"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 GroupId; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("The key to use in the authentication.") : Amended ToSubclass] string PreSharedKey; }; [Description("Represents a crypto suite to propose in quick mode.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEQMCryptoProposal : MSFT_NetIKECryptoProposal { [Description("This field is ignored.") : Amended ToSubclass,key] string InstanceID; [Description("This field is ignored.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MaxLifetimeSeconds; [Description("The maximum lifetime for a Quick-Mode SA before it must be rekeyed, in kilobytes.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MaxLifetimeKilobytes; [Description("Specifies the proposed encryption algorithm.") : Amended ToSubclass,Values{"None", "DES", "3DES", "AES-128", "AES-192", "AES-256", "AES-GCM-128", "AES-GCM-192", "AES-GCM-256"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "MD5", "SHA-1", "Tiger", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("Specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod.") : Amended ToSubclass,Values{"Pre-shared Key", "Anonymous", "Kerberos (machine as principal)", "NTLM (machine as principal)", "Kerberos (user as principal)", "NTLM (user as principal)", "X.509 Certificates (machine as principal)", "X.509 Certificates (user as principal)", "X.509 Certificates (machine health)"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 GroupId; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("Hash algorithm to use in AH.") : Amended ToSubclass,Values{"None", "MD5", "SHA-1", "SHA-256", "SHA-384", "AES-GMAC-128", "AES-GMAC-192", "AES-GMAC-256"} : Amended ToSubclass] uint16 HashAlgorithmAH; [Description("Hash algorithm to use in ESP.") : Amended ToSubclass,Values{"None", "MD5", "SHA-1", "SHA-256", "SHA-384", "AES-GMAC-128", "AES-GMAC-192", "AES-GMAC-256"} : Amended ToSubclass] uint16 HashAlgorithmESP; [Description("What type of encapsulation to use.") : Amended ToSubclass,Values{"AH", "ESP", "AH/ESP", "None"} : Amended ToSubclass] uint16 Encapsulation; [Description("The maximum lifetime for a Quick-Mode SA before it must be rekeyed, in minutes.") : Amended ToSubclass] uint32 MaxLifetimeMinutes; }; [Description("Specifies parameters for the quick mode negotiation as well as dictating the crypto sets that should be proposed during the exchange.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIKEQMCryptoSet : MSFT_NetIKECryptoSet { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("The Caption property is a short textual description (one- line string) of the object.") : Amended ToSubclass] string Caption; [Description("A brief description of the set. May be an indirect string. If it is an indirect string, then it may not be overwritten.") : Amended ToSubclass] string Description; [Description("The locale-independent name of the set. May be an indirect string.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] string CommonName; [Description("This field is ignored.") : Amended ToSubclass] string PolicyKeywords[]; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyActionName; [Description("This field is ignored.") : Amended ToSubclass] boolean DoActionLogging; [Description("This field is ignored.") : Amended ToSubclass] boolean DoPacketLogging; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 MinLifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 IdleDurationSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 MinLifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Values{"Base", "Main", "Aggressive"} : Amended ToSubclass] uint16 ExchangeMode; [Description("This field is ignored.") : Amended ToSubclass,Values{"Other", "IPV4 Address", "FQDN", "User FQDN", "IPV4 Subnet Address", "IPV6 Address", "IPV6 Subnet Address", "IPV4 Address Range", "IPV6 Address Range", "DER ASN1 DN", "DER ASN1 GN", "KEY ID", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 UseIKEIdentityType; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("This field is ignored.") : Amended ToSubclass,Values{"No Group/Non-Diffie-Hellman Exchange", "DH-768 bit prime", "DH-1024 bit prime", "EC2N-155 bit field element", "EC2N-185 bit field element", "DH-1536 bit prime", "Standard Group - Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 AggressiveModeGroupID; [Description("The locale-independent name for the group that this set belongs to.") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this set. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this set belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("The proposals within this set, in order of preference.") : Amended ToSubclass] MSFT_NetIKECryptoProposal Proposals[]; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; [Description("Diffie-Hellman Group to use with PFS") : Amended ToSubclass,Values{"DH Group 1", "DH Group 2", "DH Group 14", "DH Group 19", "DH Group 20", "DH Group 24"} : Amended ToSubclass] uint16 PfsGroupID; [Description("Rename this set.") : Amended ToSubclass] uint32 Rename([In,Description("The new name for the set.") : Amended ToSubclass] string NewName); [Description("Copy this set.") : Amended ToSubclass] uint32 CloneObject([In,Description("The new name for the set.") : Amended ToSubclass] string NewName,[In,Description("The new ID for the set.") : Amended ToSubclass] string NewID,[In,Description("The new policy store for the set.") : Amended ToSubclass] string NewPolicyStore,[In,Description("The new GPOSession for the set.") : Amended ToSubclass] string NewGPOSession); }; [Description("Superclass SettingData for networking") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSettingData : CIM_SettingData { }; [Description("Denial of Service Prevention Settings for IPsec.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIPsecDoSPSetting : MSFT_NetSettingData { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass,key] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("State entry idle timeout in seconds. Value must be > 0") : Amended ToSubclass] uint32 StateIdleTimeoutSeconds; [Description("Per internal IP address rate limit queue idle timeout in seconds. Value must be > 0") : Amended ToSubclass] uint32 PerIPRateLimitQueueIdleTimeoutSeconds; [Description("DSCP (RFC 2474) marking for unauthenticated inbound IPv6 IPsec traffic. Value must be <= 63") : Amended ToSubclass] uint32 IpV6IPsecUnauthDscp; [Description("Per internal IP address rate limit for unauthenticated inbound IPv6 IPsec traffic.") : Amended ToSubclass] uint32 IpV6IPsecUnauthRateLimitBytesPerSec; [Description("Per internal IP address rate limit for unauthenticated inbound IPv6 IPsec traffic.") : Amended ToSubclass] uint32 IpV6IPsecUnauthPerIPRateLimitBytesPerSec; [Description("DSCP (RFC 2474) marking for authenticated inbound IPv6 IPsec traffic. Value must be <= 63.") : Amended ToSubclass] uint16 IpV6IPsecAuthDscp; [Description("Rate limit for authenticated inbound IPv6 IPsec traffic.") : Amended ToSubclass] uint32 IpV6IPsecAuthRateLimitBytesPerSec; [Description("DSCP (RFC 2474) marking for inbound ICMPv6 traffic. Value must be <= 63") : Amended ToSubclass] uint16 IcmpV6Dscp; [Description("Rate limit for inbound ICMPv6 traffic.") : Amended ToSubclass] uint32 IcmpV6RateLimitBytesPerSec; [Description("DSCP (RFC 2474) marking for inbound IPv6 filter exempted traffic. Value must be <= 63.") : Amended ToSubclass] uint32 IpV6FilterExemptDscp; [Description("Rate limit for inbound IPv6 filter exempted traffic.") : Amended ToSubclass] uint32 IpV6FilterExemptRateLimitBytesPerSec; [Description("DSCP (RFC 2474) marking for inbound default-block exempted traffic. Value must be <= 63.") : Amended ToSubclass] uint16 DefBlockExemptDscp; [Description("Rate limit for inbound default-block exempted traffic.") : Amended ToSubclass] uint32 DefBlockExemptRateLimitBytesPerSec; [Description("Maximum number of state entries in the table. Value must be > 0.") : Amended ToSubclass] uint32 MaxStateEntries; [Description("Maximum number of per internal IP address rate limit queues for inbound unauthenticated IPv6 IPsec traffic. Value must be > 0.") : Amended ToSubclass] uint32 MaxPerIPRateLimitQueues; [Description("Enabled keying modules") : Amended ToSubclass,Values{"IkeV1", "IkeV2", "AuthIp"} : Amended ToSubclass] uint32 EnabledKeyingModules; [Description("Filtering flags") : Amended ToSubclass,Values{"DisableDefaultBlock", "FilterBlock", "FilterExempt"} : Amended ToSubclass] uint32 FilteringFlags; [Description("Public network interfaces") : Amended ToSubclass] string PublicInterfaceAliases[]; [Description("Private network interfaces") : Amended ToSubclass] string PrivateInterfaceAliases[]; [Description("Optional public IPv6 address or subnet, for which this policy is specified.") : Amended ToSubclass] string PublicV6Address; [Description("Optional private IPv6 address or subnet, for which this policy is specified.") : Amended ToSubclass] string PrivateV6Address; [Description("Address family(ies) currently protected") : Amended ToSubclass,Values{"IPv4", "IPv6"} : Amended ToSubclass] uint16 EffectiveAddressFamily; }; [Description("An identity used by IPsec") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetIPsecIdentity { [Description("ImpersonationType") : Amended ToSubclass,Values{"None", "Impersonated"} : Amended ToSubclass] uint32 ImpersonationType; [Description("Authentication method used by this identity") : Amended ToSubclass,Values{"Preshared key", "Certificate", "Kerberos", "Anonymous", "SSL", "NTLMV2", "CGA", "CertificateEcdsa256", "CertificateEcdsa384", "SSLEcdsa256", "SSLEcdsa384", "EAP"} : Amended ToSubclass] uint32 AuthenticationMethod; [Description("Identity flags") : Amended ToSubclass,Values{"HealthCertificate"} : Amended ToSubclass] uint32 Flags; [Description("Identity") : Amended ToSubclass] string Identity; }; [Description("Filters traffic based on what interface it is sent or received on.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetInterfaceFilter : CIM_FilterEntryBase { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] boolean IsNegated; [Description("Interfaces that the traffic applies to. They may be specified by LUID or by Alias.") : Amended ToSubclass] string InterfaceAlias[]; }; [Description("Filters traffic based on the type of interface it is sent or received on.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetInterfaceTypeFilter : CIM_FilterEntryBase { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] boolean IsNegated; [Description("Specifies what types of interface to filter on.") : Amended ToSubclass,Values{"Local area network", "Remote access", "Wireless"} : Amended ToSubclass] uint32 InterfaceType; }; [Description("A rule that alters the behavior of main-mode authentications.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetMainModeRule : MSFT_NetSARule { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("The Caption property is a short textual description (one- line string) of the object.") : Amended ToSubclass] string Caption; [Description("A brief description of the rule. May be an indirect string. If it is an indirect string, then it may not be overwritten.") : Amended ToSubclass] string Description; [Description("The locale-independent name of the rule. May be an indirect string.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] string CommonName; [Description("This field is ignored.") : Amended ToSubclass] string PolicyKeywords[]; [Description("This field is ignored.") : Amended ToSubclass,Values{"First Matching", "All"} : Amended ToSubclass] uint16 PolicyDecisionStrategy; [Description("This field is ignored.") : Amended ToSubclass] string PolicyRoles[]; [Description("Indicates whether this rule is administratively enabled or disabled.") : Amended ToSubclass,Values{"Enabled", "Disabled"} : Amended ToSubclass] uint16 Enabled; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string PolicyRuleName; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unconditional Rule", "DNF", "CNF"} : Amended ToSubclass] uint16 ConditionListType; [Description("This field is ignored.") : Amended ToSubclass] string RuleUsage; [Description("This field is ignored.") : Amended ToSubclass] uint16 Priority; [Description("This field is ignored.") : Amended ToSubclass] boolean Mandatory; [Description("This field is ignored.") : Amended ToSubclass,Values{"Mandatory", "Recommended", "Dont Care"} : Amended ToSubclass] uint16 SequencedActions; [Description("This field is ignored.") : Amended ToSubclass,Values{"Do Until Success", "Do All", "Do Until Failure"} : Amended ToSubclass] uint16 ExecutionStrategy; [Description("Specifies which platforms the rule is applicable on. If null, the rule applies to all platforms (the default). Each entry takes the form Major.Minor+, for instance 6.0, 6.1+, or 6.2. If + is specified, then it means that the rule applies to that version or greater. For instance, Windows Vista could be represented as 6 or 6.0, and Windows 7 or later would be represented as 6.1+. + may only be attached to the final item in the list. 6.0+ is not valid because it means the same thing as null (all platforms).") : Amended ToSubclass] string Platforms[]; [Description("The locale-independent name for the group that this rule belongs to. If this field is non-null, then Windows Firewall with Advanced Security assumes that this rule belongs to a Windows component or an installed application, and some parts of the rule are protected (including but not limited to the Name, Description, Program, and Service).") : Amended ToSubclass] string RuleGroup; [Description("The localized name of this rule. This field's value is based on the value of ElementName. Changes to this field are ignored.") : Amended ToSubclass] string DisplayName; [Description("The group that this rule belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.") : Amended ToSubclass] string DisplayGroup; [Description("Which profiles this rule is active on.") : Amended ToSubclass,Values{"None", "Public", "Private", "Domain", "All"} : Amended ToSubclass] uint16 Profiles; [Description("The InstanceID of the CryptoSet to use for Main Mode.") : Amended ToSubclass] string MainModeCryptoSet; [Description("The InstanceID of the CryptoSet to use for Quick Mode.") : Amended ToSubclass] string QuickModeCryptoSet; [Description("The InstanceID of the AuthSet to use for Phase 1 auth.") : Amended ToSubclass] string Phase1AuthSet; [Description("The InstanceID of the AuthSet to use for Phase 2 auth.") : Amended ToSubclass] string Phase2AuthSet; [Description("PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. \nPrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. \"Unknown\" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. \n\"OK\" indicates the ManagedElement is functioning normally. \n\"Degraded\" indicates the ManagedElement is functioning below normal. \n\"Error\" indicates the ManagedElement is in an Error condition. \n") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("The detailed status of the rule, as a numeric error code.") : Amended ToSubclass] uint32 StatusCode; [Description("The detailed status of the rule, as a string.") : Amended ToSubclass] string Status; [Description("If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.") : Amended ToSubclass,Values{"Invalid", "Full", "FirewallOffInProfile", "CategoryOff", "DisabledObject", "InactiveProfile", "LocalAddressResolutionEmpty", "RemoteAddressResolutionEmpty", "LocalPortResolutionEmpty", "RemotePortResolutionEmpty", "InterfaceResolutionEmpty", "ApplicationResolutionEmpty", "RemoteMachineEmpty", "RemoteUserEmpty", "LocalGlobalOpenPortsDisallowed", "LocalAuthorizedApplicationsDisallowed", "LocalFirewallRulesDisallowed", "LocalConsecRulesDisallowed", "NotTargetPlatform", "OptimizedOut", "LocalUserEmpty", "TransportMachinesEmpty", "TunnelMachinesEmpty", "TupleResolutionEmpty"} : Amended ToSubclass] uint16 EnforcementStatus[]; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.") : Amended ToSubclass] uint16 PolicyStoreSourceType; [Description("If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.") : Amended ToSubclass] string PolicyStoreSource; [Description("Enable this rule.") : Amended ToSubclass] uint32 Enable(); [Description("Disable this rule.") : Amended ToSubclass] uint32 Disable(); [Description("Rename this rule.") : Amended ToSubclass] uint32 Rename([In,Description("The new name for the rule.") : Amended ToSubclass] string NewName); [Description("Copy this rule.") : Amended ToSubclass] uint32 CloneObject([In,Description("The new name for the rule.") : Amended ToSubclass] string NewName,[In,Description("The new policy store for the rule.") : Amended ToSubclass] string NewPolicyStore,[In,Description("The new GPOSession for the rule.") : Amended ToSubclass] string NewGPOSession); }; [Description("Associates a main mode rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetMainModeRuleFilters : MSFT_NetPolicyRuleFilters { [key,Description("The main mode rule being filtered.") : Amended ToSubclass] MSFT_NetMainModeRule Ref GroupComponent; }; [Description("Associates a main mode rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetMainModeRuleFilterByAddress : MSFT_NetMainModeRuleFilters { [key,Description("The main mode rule being filtered.") : Amended ToSubclass] MSFT_NetMainModeRule Ref GroupComponent; [key,Description("The address filter applied to the rule.") : Amended ToSubclass] MSFT_NetAddressFilter Ref PartComponent; }; [Description("Indicates that a rule applies to a particular firewall profile.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetMainModeRuleInProfile : MSFT_NetRuleInProfile { [key,Description("The firewall profile.") : Amended ToSubclass] MSFT_NetFirewallProfile Ref GroupComponent; [key,Description("The main mode rule.") : Amended ToSubclass] MSFT_NetMainModeRule Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 Priority; }; [Description("Relates a main mode rule to its Phase 1 Authentication Set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetMainModeRuleMMAuthSet : MSFT_NetSARuleMMAuth { [key,Description("The main mode rule.") : Amended ToSubclass] MSFT_NetMainModeRule Ref GroupComponent; [key,Description("The Phase 1 Authentication Set used by the rule.") : Amended ToSubclass] MSFT_NetIKEP1AuthSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Relates an IPsec rule to its Main Mode crypto set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSARuleMMCrypto : MSFT_NetSAActionInSARule { [key,Description("The IPsec rule.") : Amended ToSubclass] CIM_SARule Ref GroupComponent; [key,Description("The Main Mode crypto set used in this rule.") : Amended ToSubclass] MSFT_NetIKEMMCryptoSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("Relates a main mode rule to its Main Mode Crypto Set.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetMainModeRuleMMCryptoSet : MSFT_NetSARuleMMCrypto { [key,Description("The main mode rule.") : Amended ToSubclass] MSFT_NetMainModeRule Ref GroupComponent; [key,Description("The main mode crypto set used in this rule.") : Amended ToSubclass] MSFT_NetIKEMMCryptoSet Ref PartComponent; [Description("This field is ignored.") : Amended ToSubclass] uint16 ActionOrder; }; [Description("A MainMode SA.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetMainModeSA : CIM_IKESAEndpoint { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "Enabled", "Disabled", "Shutting Down", "Not Applicable", "Enabled but Offline", "In Test", "Deferred", "Quiesce", "Starting", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 EnabledState; [Description("This field is ignored.") : Amended ToSubclass] string OtherEnabledState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Enabled", "Disabled", "Shut Down", "No Change", "Offline", "Test", "Deferred", "Quiesce", "Reboot", "Reset", "Not Applicable", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 RequestedState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Enabled", "Disabled", "Not Applicable", "Enabled but Offline", "No Default", "Quiesce", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 EnabledDefault; [Description("This field is ignored.") : Amended ToSubclass] datetime TimeOfLastStateChange; [Description("This field is ignored.") : Amended ToSubclass,Values{"Enabled", "Disabled", "Shut Down", "Offline", "Test", "Defer", "Quiesce", "Reboot", "Reset", "DMTF Reserved"} : Amended ToSubclass] uint16 AvailableRequestedStates[]; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Enabled", "Disabled", "Shut Down", "No Change", "Offline", "Test", "Defer", "Quiesce", "Reboot", "Reset", "Not Applicable", "DMTF Reserved"} : Amended ToSubclass] uint16 TransitioningToState; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] string NameFormat; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "IPv4", "IPv6", "IPX", "AppleTalk", "DECnet", "SNA", "CONP", "CLNP", "VINES", "XNS", "ATM", "Frame Relay", "Ethernet", "TokenRing", "FDDI", "Infiniband", "Fibre Channel", "ISDN BRI Endpoint", "ISDN B Channel Endpoint", "ISDN D Channel Endpoint", "IPv4/v6", "BGP", "OSPF", "MPLS", "UDP", "TCP"} : Amended ToSubclass] uint16 ProtocolType; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "Regular 1822", "HDH 1822", "DDN X.25", "RFC877 X.25", "Ethernet CSMA/CD", "ISO 802.3 CSMA/CD", "ISO 802.4 Token Bus", "ISO 802.5 Token Ring", "ISO 802.6 MAN", "StarLAN", "Proteon 10Mbit", "Proteon 80Mbit", "HyperChannel", "FDDI", "LAP-B", "SDLC", "DS1", "E1", "Basic ISDN", "Primary ISDN", "Proprietary Point-to-Point Serial", "PPP", "Software Loopback", "EON", "Ethernet 3Mbit", "NSIP", "SLIP", "Ultra", "DS3", "SIP", "Frame Relay", "RS-232", "Parallel", "ARCNet", "ARCNet Plus", "ATM", "MIO X.25", "SONET", "X.25 PLE", "ISO 802.211c", "LocalTalk", "SMDS DXI", "Frame Relay Service", "V.35", "HSSI", "HIPPI", "Modem", "AAL5", "SONET Path", "SONET VT", "SMDS ICIP", "Proprietary Virtual/Internal", "Proprietary Multiplexor", "IEEE 802.12", "Fibre Channel", "HIPPI Interface", "Frame Relay Interconnect", "ATM Emulated LAN for 802.3", "ATM Emulated LAN for 802.5", "ATM Emulated Circuit", "Fast Ethernet (100BaseT)", "ISDN", "V.11", "V.36", "G703 at 64K", "G703 at 2Mb", "QLLC", "Fast Ethernet 100BaseFX", "Channel", "IEEE 802.11", "IBM 260/370 OEMI Channel", "ESCON", "Data Link Switching", "ISDN S/T Interface", "ISDN U Interface", "LAP-D", "IP Switch", "Remote Source Route Bridging", "ATM Logical", "DS0", "DS0 Bundle", "BSC", "Async", "Combat Net Radio", "ISO 802.5r DTR", "Ext Pos Loc Report System", "AppleTalk Remote Access Protocol", "Proprietary Connectionless", "ITU X.29 Host PAD", "ITU X.3 Terminal PAD", "Frame Relay MPI", "ITU X.213", "ADSL", "RADSL", "SDSL", "VDSL", "ISO 802.5 CRFP", "Myrinet", "Voice Receive and Transmit", "Voice Foreign Exchange Office", "Voice Foreign Exchange Service", "Voice Encapsulation", "Voice over IP", "ATM DXI", "ATM FUNI", "ATM IMA", "PPP Multilink Bundle", "IP over CDLC", "IP over CLAW", "Stack to Stack", "Virtual IP Address", "MPC", "IP over ATM", "ISO 802.5j Fibre Token Ring", "TDLC", "Gigabit Ethernet", "HDLC", "LAP-F", "V.37", "X.25 MLP", "X.25 Hunt Group", "Transp HDLC", "Interleave Channel", "FAST Channel", "IP (for APPN HPR in IP Networks)", "CATV MAC Layer", "CATV Downstream", "CATV Upstream", "Avalon 12MPP Switch", "Tunnel", "Coffee", "Circuit Emulation Service", "ATM SubInterface", "Layer 2 VLAN using 802.1Q", "Layer 3 VLAN using IP", "Layer 3 VLAN using IPX", "Digital Power Line", "Multimedia Mail over IP", "DTM", "DCN", "IP Forwarding", "MSDSL", "IEEE 1394", "IF-GSN/HIPPI-6400", "DVB-RCC MAC Layer", "DVB-RCC Downstream", "DVB-RCC Upstream", "ATM Virtual", "MPLS Tunnel", "SRP", "Voice over ATM", "Voice over Frame Relay", "ISDL", "Composite Link", "SS7 Signaling Link", "Proprietary P2P Wireless", "Frame Forward", "RFC1483 Multiprotocol over ATM", "USB", "IEEE 802.3ad Link Aggregate", "BGP Policy Accounting", "FRF .16 Multilink FR", "H.323 Gatekeeper", "H.323 Proxy", "MPLS", "Multi-Frequency Signaling Link", "HDSL-2", "S-HDSL", "DS1 Facility Data Link", "Packet over SONET/SDH", "DVB-ASI Input", "DVB-ASI Output", "Power Line", "Non Facility Associated Signaling", "TR008", "GR303 RDT", "GR303 IDT", "ISUP", "Proprietary Wireless MAC Layer", "Proprietary Wireless Downstream", "Proprietary Wireless Upstream", "HIPERLAN Type 2", "Proprietary Broadband Wireless Access Point to Mulipoint", "SONET Overhead Channel", "Digital Wrapper Overhead Channel", "ATM Adaptation Layer 2", "Radio MAC", "ATM Radio", "Inter Machine Trunk", "MVL DSL", "Long Read DSL", "Frame Relay DLCI Endpoint", "ATM VCI Endpoint", "Optical Channel", "Optical Transport", "Proprietary ATM", "Voice over Cable", "Infiniband", "TE Link", "Q.2931", "Virtual Trunk Group", "SIP Trunk Group", "SIP Signaling", "CATV Upstream Channel", "Econet", "FSAN 155Mb PON", "FSAN 622Mb PON", "Transparent Bridge", "Line Group", "Voice E&M Feature Group", "Voice FGD EANA", "Voice DID", "MPEG Transport", "6To4", "GTP", "Paradyne EtherLoop 1", "Paradyne EtherLoop 2", "Optical Channel Group", "HomePNA", "GFP", "ciscoISLvlan", "actelisMetaLOOP", "Fcip", "IANA Reserved", "IPv4", "IPv6", "IPv4/v6", "IPX", "DECnet", "SNA", "CONP", "CLNP", "VINES", "XNS", "ISDN B Channel Endpoint", "ISDN D Channel Endpoint", "BGP", "OSPF", "UDP", "TCP", "802.11a", "802.11b", "802.11g", "802.11h", "NFS", "CIFS", "DAFS", "WebDAV", "HTTP", "FTP", "NDMP", "Telnet", "SSH", "SM CLP", "SMTP", "LDAP", "RDP", "HTTPS", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 ProtocolIFType; [Description("This field is ignored.") : Amended ToSubclass] string OtherTypeDescription; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 LifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("Percent") : Amended ToSubclass] uint8 RefreshThresholdSecondsPercentage; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 IdleDurationSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 LifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Units("Percent") : Amended ToSubclass] uint8 RefreshThresholdKbytesPercentage; [Description("This field is ignored.") : Amended ToSubclass] boolean PacketLoggingActive; [Description("This field is ignored.") : Amended ToSubclass] uint64 InitiatorCookie; [Description("This field is ignored.") : Amended ToSubclass] uint64 ResponderCookie; [Description("The actual encryption algorithm used by the SA.") : Amended ToSubclass,Values{"None", "DES", "3DES", "AES-128", "AES-192", "AES-256", "AES-GCM-128", "AES-GCM-192", "AES-GCM-256"} : Amended ToSubclass] uint16 CipherAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherCipherAlgorithm; [Description("The actual hash algorithm used by the SA.") : Amended ToSubclass,Values{"None", "MD5", "SHA-1", "SHA-256", "SHA-384", "AES-GMAC-128", "AES-GMAC-192", "AES-GMAC-256"} : Amended ToSubclass] uint16 HashAlgorithm; [Description("This field is ignored.") : Amended ToSubclass] string OtherHashAlgorithm; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "Pre-shared Key", "DSS Signatures", "RSA Signatures", "Encryption with RSA", "Revised Encryption with RSA", "DMTF/IANA Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 AuthenticationMethod; [Description("This field is ignored.") : Amended ToSubclass] string OtherAuthenticationMethod; [Description("The property GroupId gives the phase 1 security association key exchange group. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve Group with 155 bit field element', Group 4= 'Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'. Note that only groups 1, 2, 14, 19, 20, and 24 are acceptable in Windows 8.") : Amended ToSubclass,Values{"None", "DH Group 1", "DH Group 2", "DH Group 14", "DH Group 19", "DH Group 20", "DH Group 24"} : Amended ToSubclass] uint16 GroupId; [Description("This field is ignored.") : Amended ToSubclass] string VendorID; [Description("The Key Module used to negotiate the SA and its child SA's.") : Amended ToSubclass,Values{"IkeV1", "AuthIP", "IkeV2"} : Amended ToSubclass] uint16 KeyModule; [Description("The address of the local endpoint the SA applies to.") : Amended ToSubclass] string LocalEndpoint; [Description("The address of the remote endpoint the SA applies to.") : Amended ToSubclass] string RemoteEndpoint; [Description("The maximum number of Quick Mode SA's that may be established with this SA before it must be renegotiated.") : Amended ToSubclass] uint32 MaxQMSAs; [Description("The first authentication local identity") : Amended ToSubclass] MSFT_NetIPsecIdentity LocalFirstId; [Description("The second authentication local identity") : Amended ToSubclass] MSFT_NetIPsecIdentity LocalSecondId; [Description("The first authentication remote identity") : Amended ToSubclass] MSFT_NetIPsecIdentity RemoteFirstId; [Description("The second authentication remote identity") : Amended ToSubclass] MSFT_NetIPsecIdentity RemoteSecondId; [Description("Extensions to GroupId") : Amended ToSubclass] string OtherGroupId; [Description("Filter ID from the QM policy matching the extended mode filter") : Amended ToSubclass] uint64 ExtendedFilterId; [Description("Local UDP encapsulation port for NAT-T") : Amended ToSubclass] uint16 LocalUdpEncapsulationPort; [Description("Remote UDP encapsulation port for NAT-T") : Amended ToSubclass] uint16 RemoteUdpEncapsulationPort; [Description("GUID of the main mode policy provider context corresponding to this SA") : Amended ToSubclass] string IkePolicyKey; [Description("ID/Handle to virtual interface tunneling state") : Amended ToSubclass] uint64 VirtualIfTunnelId; }; [Description("Filters traffic based on certain high-level security constraints, like whether or not the traffic is encrypted. Connection Security rules will have to be created in order for traffic to pass the rule.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetNetworkLayerSecurityFilter : CIM_FilterEntryBase { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] boolean IsNegated; [Description("Whether to require Authentication. NoEncapsulation means that authentication is still required, but only once at the beginning of the traffic flow, instead of on every packet.") : Amended ToSubclass,Values{"NotRequired", "Required", "NoEncapsulation"} : Amended ToSubclass] uint16 Authentication; [Description("Whether to require Encryption. Dynamic encryption means that the first packet may be protected but not encrypted.") : Amended ToSubclass,Values{"NotRequired", "Required", "Dynamic"} : Amended ToSubclass] uint16 Encryption; [Description("Whether to allow this rule to take precedence over Block rules. This setting may only be applied on Allow rules that require Authentication with specific RemoteUsers and/or RemoteMachines.") : Amended ToSubclass] boolean OverrideBlockRules; [Description("SDDL string describing Local Users that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required).") : Amended ToSubclass] string LocalUsers; [Description("SDDL string describing Remote Users that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required).") : Amended ToSubclass] string RemoteUsers; [Description("SDDL string describing Remote Machines that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required).") : Amended ToSubclass] string RemoteMachines; }; [Description("Filters traffic based on its protocol and port.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetProtocolPortFilter : CIM_FilterEntryBase { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] boolean IsNegated; [Description("IP Protocol Number that this filter applies to. May be 0-255 or one of the following: ICMPv4, ICMPv6, TCP, UDP.") : Amended ToSubclass] string Protocol; [Description("Applies only when Protocol is TCP or UDP. Remote ports this filter applies to. May be a number or range 0-65535, or one of the following: Any, IPHTTPSOut.") : Amended ToSubclass] string RemotePort[]; [Description("Applies only when Protocol is TCP or UDP. Local ports this filter applies to. May be a number or range 0-65535, or one of the following: Any, RPC, RPC-EPMap, IPHTTPSIn, PlayToDiscovery.") : Amended ToSubclass] string LocalPort[]; [Description("Applies only when Protocol is ICMPv4 or ICMPv6. ICMP Type/Code pairs this filter applies to. May be an ICMP type (0-255), or an ICMP type/code pair in the format Type.Code, where type and code values are numbers from 0 to 255.") : Amended ToSubclass] string IcmpType[]; [Description("Allows filtering traffic to/from endpoints by certain kinds of virtual transports, rather than traditional tuples of addresses, protocols, and ports.") : Amended ToSubclass,Values{"Any", "ProximityApps", "ProximitySharing", "WifiDirectPrinting", "WifiDirectDisplay", "WifiDirectDevices"} : Amended ToSubclass] uint32 DynamicTransport; }; [Description("A Quick Mode SA.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetQuickModeSA : CIM_IPsecSAEndpoint { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "Enabled", "Disabled", "Shutting Down", "Not Applicable", "Enabled but Offline", "In Test", "Deferred", "Quiesce", "Starting", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 EnabledState; [Description("This field is ignored.") : Amended ToSubclass] string OtherEnabledState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Enabled", "Disabled", "Shut Down", "No Change", "Offline", "Test", "Deferred", "Quiesce", "Reboot", "Reset", "Not Applicable", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 RequestedState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Enabled", "Disabled", "Not Applicable", "Enabled but Offline", "No Default", "Quiesce", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 EnabledDefault; [Description("This field is ignored.") : Amended ToSubclass] datetime TimeOfLastStateChange; [Description("This field is ignored.") : Amended ToSubclass,Values{"Enabled", "Disabled", "Shut Down", "Offline", "Test", "Defer", "Quiesce", "Reboot", "Reset", "DMTF Reserved"} : Amended ToSubclass] uint16 AvailableRequestedStates[]; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Enabled", "Disabled", "Shut Down", "No Change", "Offline", "Test", "Defer", "Quiesce", "Reboot", "Reset", "Not Applicable", "DMTF Reserved"} : Amended ToSubclass] uint16 TransitioningToState; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] string NameFormat; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "IPv4", "IPv6", "IPX", "AppleTalk", "DECnet", "SNA", "CONP", "CLNP", "VINES", "XNS", "ATM", "Frame Relay", "Ethernet", "TokenRing", "FDDI", "Infiniband", "Fibre Channel", "ISDN BRI Endpoint", "ISDN B Channel Endpoint", "ISDN D Channel Endpoint", "IPv4/v6", "BGP", "OSPF", "MPLS", "UDP", "TCP"} : Amended ToSubclass] uint16 ProtocolType; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "Regular 1822", "HDH 1822", "DDN X.25", "RFC877 X.25", "Ethernet CSMA/CD", "ISO 802.3 CSMA/CD", "ISO 802.4 Token Bus", "ISO 802.5 Token Ring", "ISO 802.6 MAN", "StarLAN", "Proteon 10Mbit", "Proteon 80Mbit", "HyperChannel", "FDDI", "LAP-B", "SDLC", "DS1", "E1", "Basic ISDN", "Primary ISDN", "Proprietary Point-to-Point Serial", "PPP", "Software Loopback", "EON", "Ethernet 3Mbit", "NSIP", "SLIP", "Ultra", "DS3", "SIP", "Frame Relay", "RS-232", "Parallel", "ARCNet", "ARCNet Plus", "ATM", "MIO X.25", "SONET", "X.25 PLE", "ISO 802.211c", "LocalTalk", "SMDS DXI", "Frame Relay Service", "V.35", "HSSI", "HIPPI", "Modem", "AAL5", "SONET Path", "SONET VT", "SMDS ICIP", "Proprietary Virtual/Internal", "Proprietary Multiplexor", "IEEE 802.12", "Fibre Channel", "HIPPI Interface", "Frame Relay Interconnect", "ATM Emulated LAN for 802.3", "ATM Emulated LAN for 802.5", "ATM Emulated Circuit", "Fast Ethernet (100BaseT)", "ISDN", "V.11", "V.36", "G703 at 64K", "G703 at 2Mb", "QLLC", "Fast Ethernet 100BaseFX", "Channel", "IEEE 802.11", "IBM 260/370 OEMI Channel", "ESCON", "Data Link Switching", "ISDN S/T Interface", "ISDN U Interface", "LAP-D", "IP Switch", "Remote Source Route Bridging", "ATM Logical", "DS0", "DS0 Bundle", "BSC", "Async", "Combat Net Radio", "ISO 802.5r DTR", "Ext Pos Loc Report System", "AppleTalk Remote Access Protocol", "Proprietary Connectionless", "ITU X.29 Host PAD", "ITU X.3 Terminal PAD", "Frame Relay MPI", "ITU X.213", "ADSL", "RADSL", "SDSL", "VDSL", "ISO 802.5 CRFP", "Myrinet", "Voice Receive and Transmit", "Voice Foreign Exchange Office", "Voice Foreign Exchange Service", "Voice Encapsulation", "Voice over IP", "ATM DXI", "ATM FUNI", "ATM IMA", "PPP Multilink Bundle", "IP over CDLC", "IP over CLAW", "Stack to Stack", "Virtual IP Address", "MPC", "IP over ATM", "ISO 802.5j Fibre Token Ring", "TDLC", "Gigabit Ethernet", "HDLC", "LAP-F", "V.37", "X.25 MLP", "X.25 Hunt Group", "Transp HDLC", "Interleave Channel", "FAST Channel", "IP (for APPN HPR in IP Networks)", "CATV MAC Layer", "CATV Downstream", "CATV Upstream", "Avalon 12MPP Switch", "Tunnel", "Coffee", "Circuit Emulation Service", "ATM SubInterface", "Layer 2 VLAN using 802.1Q", "Layer 3 VLAN using IP", "Layer 3 VLAN using IPX", "Digital Power Line", "Multimedia Mail over IP", "DTM", "DCN", "IP Forwarding", "MSDSL", "IEEE 1394", "IF-GSN/HIPPI-6400", "DVB-RCC MAC Layer", "DVB-RCC Downstream", "DVB-RCC Upstream", "ATM Virtual", "MPLS Tunnel", "SRP", "Voice over ATM", "Voice over Frame Relay", "ISDL", "Composite Link", "SS7 Signaling Link", "Proprietary P2P Wireless", "Frame Forward", "RFC1483 Multiprotocol over ATM", "USB", "IEEE 802.3ad Link Aggregate", "BGP Policy Accounting", "FRF .16 Multilink FR", "H.323 Gatekeeper", "H.323 Proxy", "MPLS", "Multi-Frequency Signaling Link", "HDSL-2", "S-HDSL", "DS1 Facility Data Link", "Packet over SONET/SDH", "DVB-ASI Input", "DVB-ASI Output", "Power Line", "Non Facility Associated Signaling", "TR008", "GR303 RDT", "GR303 IDT", "ISUP", "Proprietary Wireless MAC Layer", "Proprietary Wireless Downstream", "Proprietary Wireless Upstream", "HIPERLAN Type 2", "Proprietary Broadband Wireless Access Point to Mulipoint", "SONET Overhead Channel", "Digital Wrapper Overhead Channel", "ATM Adaptation Layer 2", "Radio MAC", "ATM Radio", "Inter Machine Trunk", "MVL DSL", "Long Read DSL", "Frame Relay DLCI Endpoint", "ATM VCI Endpoint", "Optical Channel", "Optical Transport", "Proprietary ATM", "Voice over Cable", "Infiniband", "TE Link", "Q.2931", "Virtual Trunk Group", "SIP Trunk Group", "SIP Signaling", "CATV Upstream Channel", "Econet", "FSAN 155Mb PON", "FSAN 622Mb PON", "Transparent Bridge", "Line Group", "Voice E&M Feature Group", "Voice FGD EANA", "Voice DID", "MPEG Transport", "6To4", "GTP", "Paradyne EtherLoop 1", "Paradyne EtherLoop 2", "Optical Channel Group", "HomePNA", "GFP", "ciscoISLvlan", "actelisMetaLOOP", "Fcip", "IANA Reserved", "IPv4", "IPv6", "IPv4/v6", "IPX", "DECnet", "SNA", "CONP", "CLNP", "VINES", "XNS", "ISDN B Channel Endpoint", "ISDN D Channel Endpoint", "BGP", "OSPF", "UDP", "TCP", "802.11a", "802.11b", "802.11g", "802.11h", "NFS", "CIFS", "DAFS", "WebDAV", "HTTP", "FTP", "NDMP", "Telnet", "SSH", "SM CLP", "SMTP", "LDAP", "RDP", "HTTPS", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 ProtocolIFType; [Description("This field is ignored.") : Amended ToSubclass] string OtherTypeDescription; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 LifetimeSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("Percent") : Amended ToSubclass] uint8 RefreshThresholdSecondsPercentage; [Description("This field is ignored.") : Amended ToSubclass,Units("Seconds") : Amended ToSubclass] uint64 IdleDurationSeconds; [Description("This field is ignored.") : Amended ToSubclass,Units("KiloBytes") : Amended ToSubclass] uint64 LifetimeKilobytes; [Description("This field is ignored.") : Amended ToSubclass,Units("Percent") : Amended ToSubclass] uint8 RefreshThresholdKbytesPercentage; [Description("This field is ignored.") : Amended ToSubclass] boolean PacketLoggingActive; [Description("This field is ignored.") : Amended ToSubclass] uint32 SPI; [Description("This field is ignored.") : Amended ToSubclass] boolean InboundDirection; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Tunnel", "Transport"} : Amended ToSubclass] uint16 EncapsulationMode; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Copy from Internal to External IP Header", "Set DF Bit in External Header to 1", "Set DF Bit in External Header to 0"} : Amended ToSubclass] uint16 DFHandling; [Description("This field is ignored.") : Amended ToSubclass] boolean PFSInUse; [Description("The address of the local endpoint the SA applies to.") : Amended ToSubclass] string LocalEndpoint; [Description("The address of the remote endpoint the SA applies to.") : Amended ToSubclass] string RemoteEndpoint; [Description("The local machine port the SA applies to, or 0 for all ports.") : Amended ToSubclass] uint16 LocalPort; [Description("The remote machine port the SA applies to, or 0 for all ports.") : Amended ToSubclass] uint16 RemotePort; [Description("If traffic type is transport mode, this is the LUID of the FWPS transport layer filter corresponding to this traffic. If traffic type is tunnel mode, this is the LUID of the associated QM policy. In tunnel mode, this represents the QM traffic selectors for the tunnel") : Amended ToSubclass] uint64 TrafficLuid; [Description("IP protocol for this traffic. Only specified if the traffic is more general than the matching filter") : Amended ToSubclass] uint8 IpProtocol; [Description("Local interface alias") : Amended ToSubclass] string InterfaceAlias; [Description("The profile ID corresponding to the actual interface that the traffic is going out on or coming in from the wire.") : Amended ToSubclass] uint64 RealIfProfileId; [Description("Local Udp encapsulation port for NAT traversal") : Amended ToSubclass] uint16 LocalUdpEncapsulationPort; [Description("Remote Udp encapsulation port for NAT traversal") : Amended ToSubclass] uint16 RemoteUdpEncapsulationPort; [Description("SA Flags") : Amended ToSubclass,Values{"NdSecure", "NdBoundary", "NdPeerNatBoundary", "GuaranteeEncryption", "NLB", "NoMachineLuidVerify", "NoImpersonationLuidVerify", "NoExplicitCredMatch", "AllowNullTargetNameMatch", "ClearDfOnTunnel", "AssumeUdpContextOutbound", "NdPeerBoundary", "SuppressDuplicateDeletion", "PeerSupportsGuaranteeEncryption", "ForceInboundConnections", "ForceOutboundConnections", "ForwardPathInitiator"} : Amended ToSubclass] uint32 Flags; [Description("Name of the matching transport filter") : Amended ToSubclass] string TransportLayerFilterName; [Description("Id of the associated Main Mode") : Amended ToSubclass] uint64 MmSaId; [Description("First Transform type") : Amended ToSubclass,Values{"Ah", "Esp-auth", "Esp-cipher", "Esp-auth-and-cipher", "Esp-auth-firewall"} : Amended ToSubclass] uint32 FirstTransformType; [Description("The integrity algorithm for the first operation") : Amended ToSubclass,Values{"None", "MD5", "SHA-1", "SHA-256", "AES-GMAC-128", "AES-GMAC-192", "AES-GMAC-256"} : Amended ToSubclass] uint32 FirstIntegrityAlgorithm; [Description("The cipher algorithm for the first operation") : Amended ToSubclass,Values{"None", "DES", "3DES", "AES-128", "AES-192", "AES-256", "AES-GCM-128", "AES-GCM-192", "AES-GCM-256"} : Amended ToSubclass] uint32 FirstCipherAlgorithm; [Description("Second Transform type") : Amended ToSubclass,Values{"Ah", "Esp-auth", "Esp-cipher", "Esp-auth-and-cipher", "Esp-auth-firewall"} : Amended ToSubclass] uint32 SecondTransformType; [Description("The integrity algorithm for the second operation") : Amended ToSubclass,Values{"None", "MD5", "SHA-1", "SHA-256", "AES-GMAC-128", "AES-GMAC-192", "AES-GMAC-256"} : Amended ToSubclass] uint32 SecondIntegrityAlgorithm; [Description("The cipher algorithm for the second operation") : Amended ToSubclass,Values{"None", "DES", "3DES", "AES-128", "AES-192", "AES-256", "AES-GCM-128", "AES-GCM-192", "AES-GCM-256"} : Amended ToSubclass] uint32 SecondCipherAlgorithm; [Description("The spi for the first operation") : Amended ToSubclass] uint32 SecondSPI; [Description("Private address of peer behind NAT") : Amended ToSubclass] string PeerV4PrivateAddress; [Description("Perfect forward secrecy group id") : Amended ToSubclass,Values{"None", "DH Group 1", "DH Group 2", "DH Group 14", "DH Group 19", "DH Group 20", "DH Group 24", "Same as Main Mode"} : Amended ToSubclass] uint32 PfsGroupId; [Description("LUID of the FWPS_LAYER_IPSEC_XX layer FWPS filter corresponding to this SA") : Amended ToSubclass] uint64 QuickModeFilterId; [Description("Liftime by number of packets") : Amended ToSubclass] uint64 LifetimePackets; [Description("Timeout after which the IPsec SA should stop accepting packets coming in the clear in negotiation discovery mode") : Amended ToSubclass] uint32 NdAllowClearTimeoutSeconds; [Description("Network Access Protection context") : Amended ToSubclass] uint32 NapContext; [Description("Identifier for tiebraking simultaneous SAs") : Amended ToSubclass] uint32 QmSaId; [Description("ID/Handle to Virtual-IF tunnel state") : Amended ToSubclass] uint64 VirtualIfTunnelId; [Description("ID/Handle to Virtual-IF traffic selector(s)") : Amended ToSubclass] uint64 TrafficSelectorId; [Description("Main Mode target SPN") : Amended ToSubclass] string MmTargetName; [Description("Extended Mode target SPN") : Amended ToSubclass] string EmTargetName; [Description("Optional handle to explicit credentials") : Amended ToSubclass] uint64 ExplicitCredentials; }; [Description("A MainMode SA.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSAAssociation : CIM_Phase1SAUsedForPhase2 { [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] CIM_SecurityAssociationEndpoint Ref Antecedent; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] CIM_IPsecSAEndpoint Ref Dependent; }; [Description("IPSec policy delta") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSecDeltaCollection : CIM_SettingData { [Description("Reserved for internal use by the WMI provider only") : Amended ToSubclass,key] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("Action") : Amended ToSubclass,Values{"Add", "Delete"} : Amended ToSubclass] uint16 Action; [Description("Array of V6 addresses") : Amended ToSubclass] string IPv6Addresses[]; [Description("Array of V4 addresses") : Amended ToSubclass] string IPv4Addresses[]; [Description("Policy Store") : Amended ToSubclass] string PolicyStore; [Description("IPsec rule name") : Amended ToSubclass] string IPsecRuleName; [Description("endpoint type") : Amended ToSubclass,Values{"Endpoint1", "Endpoint2"} : Amended ToSubclass] uint16 EndpointType; [Description("Array of names that failed name resolution") : Amended ToSubclass] string NameResolutionFailures[]; [Description("The DisplayName of the IPsec rule.") : Amended ToSubclass] string IPsecRuleDisplayName; }; [Description("Global settings for IPsec.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetSecuritySettingData : MSFT_NetSettingData { [Description("Reserved for internal use by the WMI provider only") : Amended ToSubclass,key] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("Whether to enable stateful FTP.") : Amended ToSubclass,Values{"False", "True", "NotConfigured"} : Amended ToSubclass] uint16 EnableStatefulFtp; [Description("Whether to enable stateful PPTP.") : Amended ToSubclass,Values{"False", "True", "NotConfigured"} : Amended ToSubclass] uint16 EnableStatefulPptp; [Description("Current profile. This is only valid in the ActiveStore.") : Amended ToSubclass,Values{"None", "Public", "Private", "Domain", "Not Applicable"} : Amended ToSubclass] uint16 Profile; [Description("Specifies which kinds of certificate problems should cause a certificate to be rejected.") : Amended ToSubclass,Values{"None", "Attempt CRL Check", "Require CRL Check", "NotConfigured"} : Amended ToSubclass] uint16 CertValidationLevel; [Description("The maximum length of time, in seconds, that an SA may be idle before it will be torn down. 0 means Not Configured.") : Amended ToSubclass] uint32 MaxSAIdleTimeSeconds; [Description("When IPsec is in use, extra work is required to enable NAT traversal. This setting indicates on which side NAT traversal should be attempted.") : Amended ToSubclass,Values{"None", "Server", "Both", "NotConfigured"} : Amended ToSubclass] uint16 AllowIPsecThroughNAT; [Description("How to encode Pre-Shared Keys.") : Amended ToSubclass,Values{"UTF-16", "UTF-8", "NotConfigured"} : Amended ToSubclass] uint16 KeyEncoding; [Description("Traffic exemptions") : Amended ToSubclass,Values{"None", "NeighborDiscovery", "Icmp", "RouterDiscovery", "Dhcp", "NotConfigured"} : Amended ToSubclass] uint32 Exemptions; [Description("Opportunistically match full auth set per key module") : Amended ToSubclass,Values{"False", "True", "NotConfigured"} : Amended ToSubclass] uint16 RequireFullAuthSupport; [Description("SDDL for remote machine tunnel SA authorization") : Amended ToSubclass] string RemoteMachineTunnelAuthorizationList; [Description("SDDL for remote user tunnel SA authorization") : Amended ToSubclass] string RemoteUserTunnelAuthorizationList; [Description("SDDL for remote machine transport SA authorization") : Amended ToSubclass] string RemoteMachineTransportAuthorizationList; [Description("SDDL for remote user transport SA authorization") : Amended ToSubclass] string RemoteUserTransportAuthorizationList; [Description("Toggle IPSec queuing of packets for RSS-like functionality") : Amended ToSubclass,Values{"NotConfigured", "Receive", "Forward"} : Amended ToSubclass] uint16 EnablePacketQueuing; }; [Description("Filters traffic based on which Windows service it is sent or received by.") : Amended ToSubclass,AMENDMENT, LOCALE("MS_409")] class MSFT_NetServiceFilter : CIM_FilterEntryBase { [Description("A string that uniquely identifies this instance within the PolicyStore.") : Amended ToSubclass] string InstanceID; [Description("Used in CimInstance.ToString(). A short string for describing this instance when debugging.") : Amended ToSubclass] string Caption; [Description("This field is ignored.") : Amended ToSubclass] string Description; [Description("This field is ignored.") : Amended ToSubclass] string ElementName; [Description("This field is ignored.") : Amended ToSubclass] datetime InstallDate; [Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass,key] string Name; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Other", "OK", "Degraded", "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error", "Starting", "Stopping", "Stopped", "In Service", "No Contact", "Lost Communication", "Aborted", "Dormant", "Supporting Entity in Error", "Completed", "Power Mode", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperationalStatus[]; [Description("This field is ignored.") : Amended ToSubclass] string StatusDescriptions[]; [Description("This field is ignored.") : Amended ToSubclass] string Status; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded/Warning", "Minor failure", "Major failure", "Critical failure", "Non-recoverable error", "DMTF Reserved"} : Amended ToSubclass] uint16 HealthState; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Communication OK", "Lost Communication", "No Contact", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 CommunicationStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Not Available", "No Additional Information", "Stressed", "Predictive Failure", "Non-Recoverable Error", "Supporting Entity in Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 DetailedStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "Not Available", "Servicing", "Starting", "Stopping", "Stopped", "Aborted", "Dormant", "Completed", "Migrating", "Emigrating", "Immigrating", "Snapshotting", "Shutting Down", "In Test", "Transitioning", "In Service", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 OperatingStatus; [Description("This field is ignored.") : Amended ToSubclass,Values{"Unknown", "OK", "Degraded", "Error", "DMTF Reserved", "Vendor Reserved"} : Amended ToSubclass] uint16 PrimaryStatus; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemCreationClassName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string SystemName; [key,Description("Reserved for internal use by the WMI provider only.") : Amended ToSubclass] string CreationClassName; [Description("This field is ignored.") : Amended ToSubclass] boolean IsNegated; [Description("The short name of the service to be filtered.") : Amended ToSubclass] string ServiceName; };