usmUserTable

SNMP-USER-BASED-SM-MIB · .1.3.6.1.6.3.15.1.2.2
MIB view Table view

Object

table 
The table of users configured in the SNMP engine's
Local Configuration Datastore (LCD).
          
To create a new user (i.e., to instantiate a new
conceptual row in this table), it is recommended to
follow this procedure:
          
  1)  GET(usmUserSpinLock.0) and save in sValue.
          
  2)  SET(usmUserSpinLock.0=sValue,
          usmUserCloneFrom=templateUser,
          usmUserStatus=createAndWait)
      You should use a template user to clone from
      which has the proper auth/priv protocol defined.
          
If the new user is to use privacy:
          
  3)  generate the keyChange value based on the secret
      privKey of the clone-from user and the secret key
      to be used for the new user. Let us call this
      pkcValue.
  4)  GET(usmUserSpinLock.0) and save in sValue.
  5)  SET(usmUserSpinLock.0=sValue,
          usmUserPrivKeyChange=pkcValue
          usmUserPublic=randomValue1)
  6)  GET(usmUserPulic) and check it has randomValue1.
      If not, repeat steps 4-6.
          
If the new user will never use privacy:
          
  7)  SET(usmUserPrivProtocol=usmNoPrivProtocol)
          
If the new user is to use authentication:
          
  8)  generate the keyChange value based on the secret
      authKey of the clone-from user and the secret key
      to be used for the new user. Let us call this
      akcValue.
  9)  GET(usmUserSpinLock.0) and save in sValue.
  10) SET(usmUserSpinLock.0=sValue,
          usmUserAuthKeyChange=akcValue
          usmUserPublic=randomValue2)
  11) GET(usmUserPulic) and check it has randomValue2.
      If not, repeat steps 9-11.
          
If the new user will never use authentication:
          
  12) SET(usmUserAuthProtocol=usmNoAuthProtocol)
          
Finally, activate the new user:
          
  13) SET(usmUserStatus=active)
          
The new user should now be available and ready to be
used for SNMPv3 communication. Note however that access
to MIB data must be provided via configuration of the
SNMP-VIEW-BASED-ACM-MIB.
          
The use of usmUserSpinlock is to avoid conflicts with
another SNMP command generator application which may
also be acting on the usmUserTable.

Context

MIB
SNMP-USER-BASED-SM-MIB
OID
.1.3.6.1.6.3.15.1.2.2
Type
table
Status
current
Parent
usmUser
Siblings
1
Children
1

Syntax

No syntax metadata recorded.

Values & Constraints

No enumerated values or constraints recorded.

Related Objects

Sibling Objects
ObjectTypeSyntaxOID
usmUserSpinLock
An advisory lock used to allow several cooperating Command Generator Applications to coordinate their use of facilities to alter secrets in the usmUserTable.
scalarSNMPv2-TCTestAndIncr.1.3.6.1.6.3.15.1.2.1
Child Objects
ObjectTypeSyntaxOID
usmUserEntry
A user configured in the SNMP engine's Local Configuration Datastore (LCD) for the User-based Security Model.
row-.1.3.6.1.6.3.15.1.2.2.1