-- These MIBs were created on 05/27/2001
-- This module defines enterprise MIBs for NS admin setting
-- 
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
-- 

-- MODULE-IDENTITY
--  OrgName
--    Juniper Networks, Inc.
--  ContactInfo
--     Customer Support
--     
--     1194 North Mathilda Avenue 
--     Sunnyvale, California 94089-1206
--     USA
--     
--     Tel: 1-800-638-8296
--     E-mail: customerservice@juniper.net
--     HTTP://www.juniper.net"
--
--  Descr
--    This module defines the object that are used to monitor
--    admin user
--
--  Last modified date: 05/03/2004
--  Modified copyright and contact info
--    
--  Last modified date: 09/28/2001
--    
--  Last modified date: 11/10/2003
--  Correct spelling mistake
--
--  Last modified date: 12/26/2007
--  Add definition of nsAdminUserLocalRole for RLI859
--

NETSCREEN-SET-ADMIN-USR-MIB DEFINITIONS ::= BEGIN
IMPORTS
    DisplayString       FROM RFC1213-MIB 
    netscreenSetting FROM NETSCREEN-SMI;
    
    nsSetAdminUser OBJECT IDENTIFIER ::= { netscreenSetting 11 }
    nsSetAdminUserLocalTable OBJECT-TYPE 
        SYNTAX SEQUENCE OF NsSetAdminUserLocalEntry
        ACCESS not-accessible
        STATUS mandatory
        DESCRIPTION
                "This table collects all administration user information stored in 
                local user database."
        ::= { nsSetAdminUser 1 }

    nsSetAdminUserLocalEntry OBJECT-TYPE
        SYNTAX  NsSetAdminUserLocalEntry
        ACCESS  not-accessible
        STATUS  mandatory
        DESCRIPTION
               "Local database administration user attributes."
        INDEX   { nsAdminUserLocalIndex }
        ::= { nsSetAdminUserLocalTable 1 }

        NsSetAdminUserLocalEntry ::=
                SEQUENCE {
          nsAdminUserLocalIndex
              INTEGER,
                  nsAdminUserLocalName 
                      DisplayString,
                  nsAdminUserLocalPriv
                      INTEGER,
                  nsAdminUserLocalRole
                      INTEGER
        }

        nsAdminUserLocalIndex OBJECT-TYPE
        SYNTAX  INTEGER
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
             "A unique value for user info table.  Its value
              ranges between 0 and 65535 and may not be contiguous."
        ::= { nsSetAdminUserLocalEntry 1 }

    nsAdminUserLocalName OBJECT-TYPE
        SYNTAX  DisplayString (SIZE(0..32))
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "Administration user name."
        ::= { nsSetAdminUserLocalEntry 2 }

    nsAdminUserLocalPriv OBJECT-TYPE
        SYNTAX  INTEGER
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "Administration user's privileges. The smaller the value, 
            the higher the privileges."
        ::= { nsSetAdminUserLocalEntry 3 }

    nsAdminUserLocalRole OBJECT-TYPE
        SYNTAX  INTEGER {
                        not-assigned(0),
                        crypto(1),
                        security(2),
                        audit(4)
                }
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "Administration user's role attributes." 
        ::= { nsSetAdminUserLocalEntry 4 }

    nsAdminUserRadius OBJECT IDENTIFIER ::= { nsSetAdminUser 2 }

    nsAdminUserRadiusEnabled OBJECT-TYPE
        SYNTAX  INTEGER {
                        disabled(0),
                        enabled(1)
        }
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "Enable external radius server to authenticate admin user"
        ::= { nsAdminUserRadius 1 }

    nsAdminUserRadiusServer OBJECT-TYPE
        SYNTAX  DisplayString (SIZE(0..32))
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "External radius server name"
        ::= { nsAdminUserRadius 2 }
   
    nsSetAdminUserClientTable OBJECT-TYPE 
        SYNTAX SEQUENCE OF NsSetAdminUserClientEntry
        ACCESS not-accessible
        STATUS mandatory
        DESCRIPTION
                "Management Client IP addresses is used to restrict the administration 
                ability from one or multiple addresses of a subnet."
        ::= { nsSetAdminUser 3 }

    nsSetAdminUserClientEntry OBJECT-TYPE
        SYNTAX  NsSetAdminUserClientEntry
        ACCESS  not-accessible
        STATUS  mandatory
        DESCRIPTION
               "An entry containing admin client ip information"
        INDEX   { nsAdminUserClientIndex }
        ::= { nsSetAdminUserClientTable 1 }

        NsSetAdminUserClientEntry ::=
                SEQUENCE {
          nsAdminUserClientIndex
              INTEGER,
                  nsAdminUserClientIp 
                      IpAddress,
                  nsAdminUserClientNetmask
                      IpAddress,           
                  nsAdminUserVSYS   
                          Integer32
        }

        nsAdminUserClientIndex OBJECT-TYPE
        SYNTAX  INTEGER
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
             "A unique value for client ip table.  Its value
              ranges between 0 and 65535 and may not be contiguous." 
        ::= { nsSetAdminUserClientEntry 1 }

    nsAdminUserClientIp OBJECT-TYPE
        SYNTAX  IpAddress
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "Management client ip"
        ::= { nsSetAdminUserClientEntry 2 }

    nsAdminUserClientNetmask OBJECT-TYPE
        SYNTAX  IpAddress
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "Management client ip netmask"
        ::= { nsSetAdminUserClientEntry 3 }
    nsAdminUserVSYS OBJECT-TYPE
        SYNTAX  Integer32
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "Vsys ID of the admin user"
        ::= { nsSetAdminUserClientEntry 4 }
END