blob: a1897af9aba37c1438241698c7349bb9aa47f6c0 [file] [log] [blame]
{
"$id": "http://redfish.dmtf.org/schemas/v1/ManagerAccount.v1_6_2.json",
"$ref": "#/definitions/ManagerAccount",
"$schema": "http://redfish.dmtf.org/schemas/v1/redfish-schema-v1.json",
"copyright": "Copyright 2014-2020 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright",
"definitions": {
"AccountTypes": {
"enum": [
"Redfish",
"SNMP",
"OEM"
],
"enumDescriptions": {
"OEM": "OEM account type.",
"Redfish": "Allow access to the Redfish service.",
"SNMP": "Allow access to SNMP services."
},
"type": "string"
},
"Actions": {
"additionalProperties": false,
"description": "The available actions for this resource.",
"longDescription": "This type shall contain the available actions for this resource.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"Oem": {
"$ref": "#/definitions/OemActions",
"description": "The available OEM-specific actions for this resource.",
"longDescription": "This property shall contain the available OEM-specific actions for this resource.",
"versionAdded": "v1_1_0"
}
},
"type": "object"
},
"Links": {
"additionalProperties": false,
"description": "The links to other resources that are related to this resource.",
"longDescription": "This Redfish Specification-described type shall contain links to resources that are related to but are not contained by, or subordinate to, this resource.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"Oem": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem",
"description": "The OEM extension property.",
"longDescription": "This property shall contain the OEM extensions. All values for properties contained in this object shall conform to the Redfish Specification-described requirements."
},
"Role": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Role.json#/definitions/Role",
"description": "The link to the Redfish role that defines the privileges for this account.",
"longDescription": "This property shall contain a link to a resource of type Role, and should link to the resource identified by the RoleId property.",
"readonly": true
}
},
"type": "object"
},
"ManagerAccount": {
"additionalProperties": false,
"description": "The ManagerAccount schema defines the user accounts that are owned by a manager. Changes to a manager account might affect the current Redfish service connection if this manager is responsible for the Redfish service.",
"longDescription": "This resource shall represent a user account for the manager in a Redfish implementation.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"@odata.context": {
"$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/context"
},
"@odata.etag": {
"$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/etag"
},
"@odata.id": {
"$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/id"
},
"@odata.type": {
"$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/type"
},
"AccountTypes": {
"description": "The account types.",
"items": {
"anyOf": [
{
"$ref": "#/definitions/AccountTypes"
},
{
"type": "null"
}
]
},
"longDescription": "This property shall contain an array of the various account types that apply to the account. If this property is not provided by the client, the default value shall be an array with the single value `Redfish`.",
"readonly": false,
"type": "array",
"versionAdded": "v1_4_0"
},
"Actions": {
"$ref": "#/definitions/Actions",
"description": "The available actions for this resource.",
"longDescription": "The actions property shall contain the available actions for this resource.",
"versionAdded": "v1_1_0"
},
"Certificates": {
"$ref": "http://redfish.dmtf.org/schemas/v1/CertificateCollection.json#/definitions/CertificateCollection",
"description": "The link to a collection of certificates used for this account.",
"longDescription": "This property shall contain a link to a resource collection of type CertificateCollection.",
"readonly": true,
"versionAdded": "v1_2_0"
},
"Description": {
"anyOf": [
{
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Description"
},
{
"type": "null"
}
],
"readonly": true
},
"Enabled": {
"description": "An indication of whether an account is enabled. An administrator can disable it without deleting the user information. If `true`, the account is enabled and the user can log in. If `false`, the account is disabled and, in the future, the user cannot log in.",
"longDescription": "This property shall indicate whether an account is enabled. If `true`, the account is enabled and the user can log in. If `false`, the account is disabled and, in the future, the user cannot log in.",
"readonly": false,
"type": "boolean"
},
"Id": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Id",
"readonly": true
},
"Links": {
"$ref": "#/definitions/Links",
"description": "The links to other resources that are related to this resource.",
"longDescription": "This property shall contain links to resources that are related to but are not contained by, or subordinate to, this resource."
},
"Locked": {
"description": "An indication of whether the account service automatically locked the account because the lockout threshold was exceeded. To manually unlock the account before the lockout duration period, an administrator can change the property to `false` to clear the lockout condition.",
"longDescription": "This property shall indicate whether the account service automatically locked the account because the AccountLockoutThreshold was exceeded. To manually unlock the account before the lockout duration period, an administrator shall be able to change the property to `false` to clear the lockout condition.",
"readonly": false,
"type": "boolean"
},
"Name": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Name",
"readonly": true
},
"OEMAccountTypes": {
"description": "The OEM account types.",
"items": {
"type": [
"string",
"null"
]
},
"longDescription": "This property shall contain an array of the OEM account types for this account. This property shall be valid when AccountTypes contains `OEM`.",
"readonly": false,
"type": "array",
"versionAdded": "v1_4_0"
},
"Oem": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem",
"description": "The OEM extension property.",
"longDescription": "This property shall contain the OEM extensions. All values for properties that this object contains shall conform to the Redfish Specification-described requirements."
},
"Password": {
"description": "The password. Use this property with a PATCH or PUT to write the password for the account. This property is `null` in responses.",
"longDescription": "This property shall contain the password for this account. The value shall be `null` in responses.",
"readonly": false,
"type": [
"string",
"null"
]
},
"PasswordChangeRequired": {
"description": "An indication of whether the service requires that the password for this account be changed before further access to the account is allowed.",
"longDescription": "This property shall indicate whether the service requires that the password for this account be changed before further access to the account is allowed. The implementation might deny access to the service if the password has not been changed. A manager account created with an initial PasswordChangeRequired value of `true` might force a password change before first access of the account. When the Password property for this account is updated, the service shall set this property to `false`.",
"readonly": false,
"type": [
"boolean",
"null"
],
"versionAdded": "v1_3_0"
},
"PasswordExpiration": {
"description": "Indicates the date and time when this account password expires. If `null`, the account password never expires.",
"format": "date-time",
"longDescription": "This property shall contain the date and time when this account password expires. If the value is `null`, the account password never expires.",
"readonly": false,
"type": [
"string",
"null"
],
"versionAdded": "v1_6_0"
},
"RoleId": {
"description": "The role for this account.",
"longDescription": "This property shall contain the RoleId of the role resource configured for this account. The service shall reject POST, PATCH, or PUT operations that provide a RoleId that does not exist by returning the HTTP 400 (Bad Request) status code.",
"readonly": false,
"type": "string"
},
"SNMP": {
"anyOf": [
{
"$ref": "#/definitions/SNMPUserInfo"
},
{
"type": "null"
}
],
"description": "The SNMP settings for this account.",
"longDescription": "This property shall contain the SNMP settings for this account when AccountTypes contains `SNMP`.",
"versionAdded": "v1_4_0"
},
"UserName": {
"description": "The user name for the account.",
"longDescription": "This property shall contain the user name for this account.",
"readonly": false,
"type": "string"
}
},
"required": [
"@odata.id",
"@odata.type",
"Id",
"Name",
"AccountTypes"
],
"requiredOnCreate": [
"Password",
"UserName",
"RoleId"
],
"type": "object"
},
"OemActions": {
"additionalProperties": true,
"description": "The available OEM-specific actions for this resource.",
"longDescription": "This type shall contain the available OEM-specific actions for this resource.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {},
"type": "object"
},
"SNMPAuthenticationProtocols": {
"enum": [
"None",
"HMAC_MD5",
"HMAC_SHA96"
],
"enumDescriptions": {
"HMAC_MD5": "HMAC-MD5-96 authentication.",
"HMAC_SHA96": "HMAC-SHA-96 authentication.",
"None": "No authentication."
},
"enumLongDescriptions": {
"HMAC_MD5": "This value shall indicate authentication conforms to the RFC3414-defined HMAC-MD5-96 authentication protocol.",
"HMAC_SHA96": "This value shall indicate authentication conforms to the RFC3414-defined HMAC-SHA-96 authentication protocol.",
"None": "This value shall indicate authentication is not required."
},
"type": "string"
},
"SNMPEncryptionProtocols": {
"enum": [
"None",
"CBC_DES",
"CFB128_AES128"
],
"enumDescriptions": {
"CBC_DES": "CBC-DES encryption.",
"CFB128_AES128": "CFB128-AES-128 encryption.",
"None": "No encryption."
},
"enumLongDescriptions": {
"CBC_DES": "This value shall indicate encryption conforms to the RFC3414-defined CBC-DES encryption protocol.",
"CFB128_AES128": "This value shall indicate encryption conforms to the RFC3826-defined CFB128-AES-128 encryption protocol.",
"None": "This value shall indicate there is no encryption."
},
"type": "string"
},
"SNMPUserInfo": {
"additionalProperties": false,
"description": "The SNMP settings for an account.",
"longDescription": "This object shall contain the SNMP settings for an account.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"AuthenticationKey": {
"description": "The secret authentication key for SNMPv3.",
"longDescription": "This property shall contain the key for SNMPv3 authentication. The value shall be `null` in responses. This property accepts a passphrase or a hex-encoded key. If the string starts with `Passphrase:`, the remainder of the string shall be the passphrase and shall be converted to the key as described in the 'Password to Key Algorithm' section of RFC3414. If the string starts with `Hex:`, then the remainder of the string shall be the key encoded in hexadecimal notation. If the string starts with neither, the full string shall be a passphrase and shall be converted to the key as described in the 'Password to Key Algorithm' section of RFC3414. The passphrase can contain any printable characters except for the double quotation mark.",
"pattern": "(^[ !#-~]+$)|(^Passphrase:[ ^[ !#-~]+$)|(^Hex:[0-9A-Fa-f]{24})|(^\\*+$)",
"readonly": false,
"type": [
"string",
"null"
],
"versionAdded": "v1_4_0"
},
"AuthenticationKeySet": {
"description": "Indicates if the AuthenticationKey property is set.",
"longDescription": "This property shall contain `true` if a valid value was provided for the AuthenticationKey property. Otherwise, the property shall contain `false`.",
"readonly": true,
"type": "boolean",
"versionAdded": "v1_5_0"
},
"AuthenticationProtocol": {
"anyOf": [
{
"$ref": "#/definitions/SNMPAuthenticationProtocols"
},
{
"type": "null"
}
],
"description": "The authentication protocol for SNMPv3.",
"longDescription": "This property shall contain the SNMPv3 authentication protocol.",
"readonly": false,
"versionAdded": "v1_4_0"
},
"EncryptionKey": {
"description": "The secret encryption key used in SNMPv3.",
"longDescription": "This property shall contain the key for SNMPv3 encryption. The value shall be `null` in responses. This property accepts a passphrase or a hex-encoded key. If the string starts with `Passphrase:`, the remainder of the string shall be the passphrase and shall be converted to the key as described in the 'Password to Key Algorithm' section of RFC3414. If the string starts with `Hex:`, then the remainder of the string shall be the key encoded in hexadecimal notation. If the string starts with neither, the full string shall be a passphrase and shall be converted to the key as described in the 'Password to Key Algorithm' section of RFC3414. The passphrase can contain any printable characters except for the double quotation mark.",
"pattern": "(^[ !#-~]+$)|(^Passphrase:[ ^[ !#-~]+$)|(^Hex:[0-9A-Fa-f]{32})|(^\\*+$)",
"readonly": false,
"type": [
"string",
"null"
],
"versionAdded": "v1_4_0"
},
"EncryptionKeySet": {
"description": "Indicates if the EncryptionKey property is set.",
"longDescription": "This property shall contain `true` if a valid value was provided for the EncryptionKey property. Otherwise, the property shall contain `false`.",
"readonly": true,
"type": "boolean",
"versionAdded": "v1_5_0"
},
"EncryptionProtocol": {
"anyOf": [
{
"$ref": "#/definitions/SNMPEncryptionProtocols"
},
{
"type": "null"
}
],
"description": "The encryption protocol for SNMPv3.",
"longDescription": "This property shall contain the SNMPv3 encryption protocol.",
"readonly": false,
"versionAdded": "v1_4_0"
}
},
"type": "object"
}
},
"owningEntity": "DMTF",
"release": "2020.1",
"title": "#ManagerAccount.v1_6_2.ManagerAccount"
}