File name: | wfascim.dll.mui |
Size: | 243200 byte |
MD5: | 71c7b002ae97fbb30e1c06cab69a968f |
SHA1: | e87a15a62ce6adc04f359e0262e4a83d71f609d4 |
SHA256: | ec83070ee550f317e9b9634d0726f8e177c41041b644b87ddaa7fa7918a43e5c |
Operating systems: | Windows 10 |
Extension: | MUI |
If an error occurred or the following message in Chinese (Traditional) language and you cannot find a solution, than check answer in English. Table below helps to know how correctly this phrase sounds in English.
id | Chinese (Traditional) | English |
---|---|---|
1 | InstanceID is an optional property that may be used to opaquely and uniquely identify an instance of this class within the scope of the instantiating Namespace. Various subclasses of this class may override this property to make it required, or a key. Such subclasses may also modify the preferred algorithms for ensuring uniqueness that are defined below. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following "preferred" algorithm: : Where and are separated by a colon (:), and where must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness, must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between and . is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If not null and the above "preferred" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance. If not set to null for DMTF-defined instances, the "preferred" algorithm must be used with the set to CIM. |
InstanceID is an optional property that may be used to opaquely and uniquely identify an instance of this class within the scope of the instantiating Namespace. Various subclasses of this class may override this property to make it required, or a key. Such subclasses may also modify the preferred algorithms for ensuring uniqueness that are defined below. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following "preferred" algorithm: : Where and are separated by a colon (:), and where must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness, must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between and . is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If not null and the above "preferred" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance. If not set to null for DMTF-defined instances, the "preferred" algorithm must be used with the set to CIM. |
2 | The Caption property is a short textual description (one- line string) of the object. | The Caption property is a short textual description (one- line string) of the object. |
3 | The Description property provides a textual description of the object. | The Description property provides a textual description of the object. |
4 | A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties, identity data, and description information. Note that the Name property of ManagedSystemElement is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user-friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information can be present in both the Name and ElementName properties. Note that if there is an associated instance of CIM_EnabledLogicalElementCapabilities, restrictions on this properties may exist as defined in ElementNameMask and MaxElementNameLen properties defined in that class. |
A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties, identity data, and description information. Note that the Name property of ManagedSystemElement is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user-friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information can be present in both the Name and ElementName properties. Note that if there is an associated instance of CIM_EnabledLogicalElementCapabilities, restrictions on this properties may exist as defined in ElementNameMask and MaxElementNameLen properties defined in that class. |
5 | 2.19.0 | 2.19.0 |
6 | ManagedElement is an abstract class that provides a common superclass (or top of the inheritance tree) for the non-association classes in the CIM Schema. | ManagedElement is an abstract class that provides a common superclass (or top of the inheritance tree) for the non-association classes in the CIM Schema. |
7 | A datetime value that indicates when the object was installed. Lack of a value does not indicate that the object is not installed. | A datetime value that indicates when the object was installed. Lack of a value does not indicate that the object is not installed. |
8 | The Name property defines the label by which the object is known. When subclassed, the Name property can be overridden to be a Key property. | The Name property defines the label by which the object is known. When subclassed, the Name property can be overridden to be a Key property. |
9 | Indicates the current statuses of the element. Various operational statuses are defined. Many of the enumeration\'s values are self-explanatory. However, a few are not and are described here in more detail. "Stressed" indicates that the element is functioning, but needs attention. Examples of "Stressed" states are overload, overheated, and so on. "Predictive Failure" indicates that an element is functioning nominally but predicting a failure in the near future. "In Service" describes an element being configured, maintained, cleaned, or otherwise administered. "No Contact" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it. "Lost Communication" indicates that the ManagedSystem Element is known to exist and has been contacted successfully in the past, but is currently unreachable. "Stopped" and "Aborted" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the state and configuration of the element might need to be updated. "Dormant" indicates that the element is inactive or quiesced. "Supporting Entity in Error" indicates that this element might be "OK" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower-layer networking problems. "Completed" indicates that the element has completed its operation. This value should be combined with either OK, Error, or Degraded so that a client can tell if the complete operation Completed with OK (passed), Completed with Error (failed), or Completed with Degraded (the operation finished, but it did not complete OK or did not report an error). "Power Mode" indicates that the element has additional power model information contained in the Associated PowerManagementService association. OperationalStatus replaces the Status property on ManagedSystemElement to provide a consistent approach to enumerations, to address implementation needs for an array property, and to provide a migration path from today\'s environment to the future. This change was not made earlier because it required the deprecated qualifier. Due to the widespread use of the existing Status property in management applications, it is strongly recommended that providers or instrumentation provide both the Status and OperationalStatus properties. Further, the first value of OperationalStatus should contain the primary status for the element. When instrumented, Status (because it is single-valued) should also provide the primary status of the element. |
Indicates the current statuses of the element. Various operational statuses are defined. Many of the enumeration\'s values are self-explanatory. However, a few are not and are described here in more detail. "Stressed" indicates that the element is functioning, but needs attention. Examples of "Stressed" states are overload, overheated, and so on. "Predictive Failure" indicates that an element is functioning nominally but predicting a failure in the near future. "In Service" describes an element being configured, maintained, cleaned, or otherwise administered. "No Contact" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it. "Lost Communication" indicates that the ManagedSystem Element is known to exist and has been contacted successfully in the past, but is currently unreachable. "Stopped" and "Aborted" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the state and configuration of the element might need to be updated. "Dormant" indicates that the element is inactive or quiesced. "Supporting Entity in Error" indicates that this element might be "OK" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower-layer networking problems. "Completed" indicates that the element has completed its operation. This value should be combined with either OK, Error, or Degraded so that a client can tell if the complete operation Completed with OK (passed), Completed with Error (failed), or Completed with Degraded (the operation finished, but it did not complete OK or did not report an error). "Power Mode" indicates that the element has additional power model information contained in the Associated PowerManagementService association. OperationalStatus replaces the Status property on ManagedSystemElement to provide a consistent approach to enumerations, to address implementation needs for an array property, and to provide a migration path from today\'s environment to the future. This change was not made earlier because it required the deprecated qualifier. Due to the widespread use of the existing Status property in management applications, it is strongly recommended that providers or instrumentation provide both the Status and OperationalStatus properties. Further, the first value of OperationalStatus should contain the primary status for the element. When instrumented, Status (because it is single-valued) should also provide the primary status of the element. |
10 | Unknown | Unknown |
11 | Other | Other |
12 | OK | OK |
13 | Degraded | Degraded |
14 | Stressed | Stressed |
15 | Predictive Failure | Predictive Failure |
16 | Error | Error |
17 | Non-Recoverable Error | Non-Recoverable Error |
18 | Starting | Starting |
19 | Stopping | Stopping |
20 | Stopped | Stopped |
21 | In Service | In Service |
22 | No Contact | No Contact |
23 | Lost Communication | Lost Communication |
24 | Aborted | Aborted |
25 | Dormant | Dormant |
26 | Supporting Entity in Error | Supporting Entity in Error |
27 | Completed | Completed |
28 | Power Mode | Power Mode |
29 | DMTF Reserved | DMTF Reserved |
30 | Vendor Reserved | Vendor Reserved |
31 | Strings describing the various OperationalStatus array values. For example, if "Stopping" is the value assigned to OperationalStatus, then this property may contain an explanation as to why an object is being stopped. Note that entries in this array are correlated with those at the same array index in OperationalStatus. | Strings describing the various OperationalStatus array values. For example, if "Stopping" is the value assigned to OperationalStatus, then this property may contain an explanation as to why an object is being stopped. Note that entries in this array are correlated with those at the same array index in OperationalStatus. |
32 | A string indicating the current status of the object. Various operational and non-operational statuses are defined. This property is deprecated in lieu of OperationalStatus, which includes the same semantics in its enumeration. This change is made for 3 reasons: 1) Status is more correctly defined as an array. This definition overcomes the limitation of describing status using a single value, when it is really a multi-valued property (for example, an element might be OK AND Stopped. 2) A MaxLen of 10 is too restrictive and leads to unclear enumerated values. 3) The change to a uint16 data type was discussed when CIM V2.0 was defined. However, existing V1.0 implementations used the string property and did not want to modify their code. Therefore, Status was grandfathered into the Schema. Use of the deprecated qualifier allows the maintenance of the existing property, but also permits an improved definition using OperationalStatus. |
A string indicating the current status of the object. Various operational and non-operational statuses are defined. This property is deprecated in lieu of OperationalStatus, which includes the same semantics in its enumeration. This change is made for 3 reasons: 1) Status is more correctly defined as an array. This definition overcomes the limitation of describing status using a single value, when it is really a multi-valued property (for example, an element might be OK AND Stopped. 2) A MaxLen of 10 is too restrictive and leads to unclear enumerated values. 3) The change to a uint16 data type was discussed when CIM V2.0 was defined. However, existing V1.0 implementations used the string property and did not want to modify their code. Therefore, Status was grandfathered into the Schema. Use of the deprecated qualifier allows the maintenance of the existing property, but also permits an improved definition using OperationalStatus. |
33 | Indicates the current health of the element. This attribute expresses the health of this element but not necessarily that of its subcomponents. The possible values are 0 to 30, where 5 means the element is entirely healthy and 30 means the element is completely non-functional. The following continuum is defined: "Non-recoverable Error" (30) - The element has completely failed, and recovery is not possible. All functionality provided by this element has been lost. "Critical Failure" (25) - The element is non-functional and recovery might not be possible. "Major Failure" (20) - The element is failing. It is possible that some or all of the functionality of this component is degraded or not working. "Minor Failure" (15) - All functionality is available but some might be degraded. "Degraded/Warning" (10) - The element is in working order and all functionality is provided. However, the element is not working to the best of its abilities. For example, the element might not be operating at optimal performance or it might be reporting recoverable errors. "OK" (5) - The element is fully functional and is operating within normal operational parameters and without error. "Unknown" (0) - The implementation cannot report on HealthState at this time. DMTF has reserved the unused portion of the continuum for additional HealthStates in the future. |
Indicates the current health of the element. This attribute expresses the health of this element but not necessarily that of its subcomponents. The possible values are 0 to 30, where 5 means the element is entirely healthy and 30 means the element is completely non-functional. The following continuum is defined: "Non-recoverable Error" (30) - The element has completely failed, and recovery is not possible. All functionality provided by this element has been lost. "Critical Failure" (25) - The element is non-functional and recovery might not be possible. "Major Failure" (20) - The element is failing. It is possible that some or all of the functionality of this component is degraded or not working. "Minor Failure" (15) - All functionality is available but some might be degraded. "Degraded/Warning" (10) - The element is in working order and all functionality is provided. However, the element is not working to the best of its abilities. For example, the element might not be operating at optimal performance or it might be reporting recoverable errors. "OK" (5) - The element is fully functional and is operating within normal operational parameters and without error. "Unknown" (0) - The implementation cannot report on HealthState at this time. DMTF has reserved the unused portion of the continuum for additional HealthStates in the future. |
34 | Degraded/Warning | Degraded/Warning |
35 | Minor failure | Minor failure |
36 | Major failure | Major failure |
37 | Critical failure | Critical failure |
38 | Non-recoverable error | Non-recoverable error |
39 | CommunicationStatus indicates the ability of the instrumentation to communicate with the underlying ManagedElement. CommunicationStatus consists of one of the following values: Unknown, None, Communication OK, Lost Communication, or No Contact. A Null return indicates the implementation (provider) does not implement this property. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "Not Available" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). "Communication OK " indicates communication is established with the element, but does not convey any quality of service. "No Contact" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it. "Lost Communication" indicates that the Managed Element is known to exist and has been contacted successfully in the past, but is currently unreachable. |
CommunicationStatus indicates the ability of the instrumentation to communicate with the underlying ManagedElement. CommunicationStatus consists of one of the following values: Unknown, None, Communication OK, Lost Communication, or No Contact. A Null return indicates the implementation (provider) does not implement this property. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "Not Available" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). "Communication OK " indicates communication is established with the element, but does not convey any quality of service. "No Contact" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it. "Lost Communication" indicates that the Managed Element is known to exist and has been contacted successfully in the past, but is currently unreachable. |
40 | Not Available | Not Available |
41 | Communication OK | Communication OK |
42 | DetailedStatus compliments PrimaryStatus with additional status detail. It consists of one of the following values: Not Available, No Additional Information, Stressed, Predictive Failure, Error, Non-Recoverable Error, SupportingEntityInError. Detailed status is used to expand upon the PrimaryStatus of the element. A Null return indicates the implementation (provider) does not implement this property. "Not Available" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). "No Additional Information" indicates that the element is functioning normally as indicated by PrimaryStatus = "OK". "Stressed" indicates that the element is functioning, but needs attention. Examples of "Stressed" states are overload, overheated, and so on. "Predictive Failure" indicates that an element is functioning normally but a failure is predicted in the near future. "Non-Recoverable Error " indicates that this element is in an error condition that requires human intervention. "Supporting Entity in Error" indicates that this element might be "OK" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower-layer networking problems. |
DetailedStatus compliments PrimaryStatus with additional status detail. It consists of one of the following values: Not Available, No Additional Information, Stressed, Predictive Failure, Error, Non-Recoverable Error, SupportingEntityInError. Detailed status is used to expand upon the PrimaryStatus of the element. A Null return indicates the implementation (provider) does not implement this property. "Not Available" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). "No Additional Information" indicates that the element is functioning normally as indicated by PrimaryStatus = "OK". "Stressed" indicates that the element is functioning, but needs attention. Examples of "Stressed" states are overload, overheated, and so on. "Predictive Failure" indicates that an element is functioning normally but a failure is predicted in the near future. "Non-Recoverable Error " indicates that this element is in an error condition that requires human intervention. "Supporting Entity in Error" indicates that this element might be "OK" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower-layer networking problems. |
43 | No Additional Information | No Additional Information |
44 | OperatingStatus provides a current status value for the operational condition of the element and can be used for providing more detail with respect to the value of EnabledState. It can also provide the transitional states when an element is transitioning from one state to another, such as when an element is transitioning between EnabledState and RequestedState, as well as other transitional conditions. OperatingStatus consists of one of the following values: Unknown, Not Available, In Service, Starting, Stopping, Stopped, Aborted, Dormant, Completed, Migrating, Emmigrating, Immigrating, Snapshotting. Shutting Down, In Test A Null return indicates the implementation (provider) does not implement this property. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "None" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). "Servicing" describes an element being configured, maintained, cleaned, or otherwise administered. "Starting" describes an element being initialized. "Stopping" describes an element being brought to an orderly stop. "Stopped" and "Aborted" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the state and configuration of the element might need to be updated. "Dormant" indicates that the element is inactive or quiesced. "Completed" indicates that the element has completed its operation. This value should be combined with either OK, Error, or Degraded in the PrimaryStatus so that a client can tell if the complete operation Completed with OK (passed), Completed with Error (failed), or Completed with Degraded (the operation finished, but it did not complete OK or did not report an error). "Migrating" element is being moved between host elements. "Immigrating" element is being moved to new host element. "Emigrating" element is being moved away from host element. "Shutting Down" describes an element being brought to an abrupt stop. "In Test" element is performing test functions. "Transitioning" describes an element that is between states, that is, it is not fully available in either its previous state or its next state. This value should be used if other values indicating a transition to a specific state are not applicable. "In Service" describes an element that is in service and operational. |
OperatingStatus provides a current status value for the operational condition of the element and can be used for providing more detail with respect to the value of EnabledState. It can also provide the transitional states when an element is transitioning from one state to another, such as when an element is transitioning between EnabledState and RequestedState, as well as other transitional conditions. OperatingStatus consists of one of the following values: Unknown, Not Available, In Service, Starting, Stopping, Stopped, Aborted, Dormant, Completed, Migrating, Emmigrating, Immigrating, Snapshotting. Shutting Down, In Test A Null return indicates the implementation (provider) does not implement this property. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "None" indicates that the implementation (provider) is capable of returning a value for this property, but not ever for this particular piece of hardware/software or the property is intentionally not used because it adds no meaningful information (as in the case of a property that is intended to add additional info to another property). "Servicing" describes an element being configured, maintained, cleaned, or otherwise administered. "Starting" describes an element being initialized. "Stopping" describes an element being brought to an orderly stop. "Stopped" and "Aborted" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the state and configuration of the element might need to be updated. "Dormant" indicates that the element is inactive or quiesced. "Completed" indicates that the element has completed its operation. This value should be combined with either OK, Error, or Degraded in the PrimaryStatus so that a client can tell if the complete operation Completed with OK (passed), Completed with Error (failed), or Completed with Degraded (the operation finished, but it did not complete OK or did not report an error). "Migrating" element is being moved between host elements. "Immigrating" element is being moved to new host element. "Emigrating" element is being moved away from host element. "Shutting Down" describes an element being brought to an abrupt stop. "In Test" element is performing test functions. "Transitioning" describes an element that is between states, that is, it is not fully available in either its previous state or its next state. This value should be used if other values indicating a transition to a specific state are not applicable. "In Service" describes an element that is in service and operational. |
45 | Servicing | Servicing |
46 | Migrating | Migrating |
47 | Emigrating | Emigrating |
48 | Immigrating | Immigrating |
49 | Snapshotting | Snapshotting |
50 | Shutting Down | Shutting Down |
51 | In Test | In Test |
52 | Transitioning | Transitioning |
53 | PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. PrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "OK" indicates the ManagedElement is functioning normally. "Degraded" indicates the ManagedElement is functioning below normal. "Error" indicates the ManagedElement is in an Error condition. |
PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. PrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "OK" indicates the ManagedElement is functioning normally. "Degraded" indicates the ManagedElement is functioning below normal. "Error" indicates the ManagedElement is in an Error condition. |
54 | CIM_ManagedSystemElement is the base class for the System Element hierarchy. Any distinguishable component of a System is a candidate for inclusion in this class. Examples of system components include: - software components such as application servers, databases, and applications - operating system components such as files, processes, and threads - device components such as disk drives, controllers, processors, and printers - physical components such as chips and cards. |
CIM_ManagedSystemElement is the base class for the System Element hierarchy. Any distinguishable component of a System is a candidate for inclusion in this class. Examples of system components include: - software components such as application servers, databases, and applications - operating system components such as files, processes, and threads - device components such as disk drives, controllers, processors, and printers - physical components such as chips and cards. |
55 | 2.22.0 | 2.22.0 |
56 | CIM_LogicalElement is a base class for all the components of a System that represent abstract system components, such as Files, Processes, or LogicalDevices. | CIM_LogicalElement is a base class for all the components of a System that represent abstract system components, such as Files, Processes, or LogicalDevices. |
57 | 2.6.0 | 2.6.0 |
58 | The Name property defines the label by which the Filter Entry is known and uniquely identified. | The Name property defines the label by which the Filter Entry is known and uniquely identified. |
59 | The scoping ComputerSystem\'s CreationClassName. | The scoping ComputerSystem\'s CreationClassName. |
60 | The scoping ComputerSystem\'s Name. | The scoping ComputerSystem\'s Name. |
61 | CreationClassName indicates the name of the class or the subclass used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified. | CreationClassName indicates the name of the class or the subclass used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified. |
62 | Boolean indicating that the match condition described in the properties of the FilterEntryBase subclass should be negated. This property is defined for ease of use when filtering on simple negations - for example, to select all source ports except 162. It is not recommended that this Boolean be set to True when filtering on multiple criteria, such as defining an IPHeadersFilter based on source/destination addresses, ports, and DiffServ Code Points. | Boolean indicating that the match condition described in the properties of the FilterEntryBase subclass should be negated. This property is defined for ease of use when filtering on simple negations - for example, to select all source ports except 162. It is not recommended that this Boolean be set to True when filtering on multiple criteria, such as defining an IPHeadersFilter based on source/destination addresses, ports, and DiffServ Code Points. |
63 | A FilterList aggregates instances of (subclasses of) FilterEntryBase via the aggregation EntriesInFilterList. The filter entries are always ANDed together when grouped by the FilterList. Note that it is possible to aggregate different types of filters into a single FilterList - for example, packet header filters (represented by the IpHeadersFilter class) and IPsec security filters. A FilterList is weak to the network device (e.g., the ComputerSystem) that contains it. Hence, the ComputerSystem keys are propagated to this class. |
A FilterList aggregates instances of (subclasses of) FilterEntryBase via the aggregation EntriesInFilterList. The filter entries are always ANDed together when grouped by the FilterList. Note that it is possible to aggregate different types of filters into a single FilterList - for example, packet header filters (represented by the IpHeadersFilter class) and IPsec security filters. A FilterList is weak to the network device (e.g., the ComputerSystem) that contains it. Hence, the ComputerSystem keys are propagated to this class. |
64 | 2.7.0 | 2.7.0 |
65 | A string that uniquely identifies this instance within the PolicyStore. | A string that uniquely identifies this instance within the PolicyStore. |
66 | Used in CimInstance.ToString(). A short string for describing this instance when debugging. | Used in CimInstance.ToString(). A short string for describing this instance when debugging. |
67 | This field is ignored. | This field is ignored. |
68 | Reserved for internal use by the WMI provider only. | Reserved for internal use by the WMI provider only. |
69 | An array of addresses, subnets, ranges, or some of the following tokens: Any, LocalSubnet, DefaultGateway, DHCP, WINS, DNS, Internet, Intranet, IntranetRemoteAccess, PlayToTargets. The 'Any' keyword may only be used by itself. | An array of addresses, subnets, ranges, or some of the following tokens: Any, LocalSubnet, DefaultGateway, DHCP, WINS, DNS, Internet, Intranet, IntranetRemoteAccess, PlayToTargets. The 'Any' keyword may only be used by itself. |
70 | Determines whether the the address is considered intranet or Internet. | Determines whether the the address is considered intranet or Internet. |
71 | An AddressFilter matches based on the local or remote address of the traffic. | An AddressFilter matches based on the local or remote address of the traffic. |
72 | Path and filename of the executable whose traffic to filter. | Path and filename of the executable whose traffic to filter. |
73 | The application package this rule applies to, given as a SID. | The application package this rule applies to, given as a SID. |
74 | Filters traffic based on which local application is sending or receiving the traffic. | Filters traffic based on which local application is sending or receiving the traffic. |
75 | A user-friendly name of this policy-related object. | A user-friendly name of this policy-related object. |
76 | An array of keywords for characterizing / categorizing policy objects. Keywords are of one of two types: - Keywords defined in this and other MOFs, or in DMTF white papers. These keywords provide a vendor- independent, installation-independent way of characterizing policy objects. - Installation-dependent keywords for characterizing policy objects. Examples include \'Engineering\', \'Billing\', and \'Review in December 2000\'. This MOF defines the following keywords: \'UNKNOWN\', \'CONFIGURATION\', \'USAGE\', \'SECURITY\', \'SERVICE\', \'MOTIVATIONAL\', \'INSTALLATION\', and \'EVENT\'. These concepts are self-explanatory and are further discussed in the SLA/Policy White Paper. One additional keyword is defined: \'POLICY\'. The role of this keyword is to identify policy-related instances that may not be otherwise identifiable, in some implementations. The keyword \'POLICY\' is NOT mutually exclusive of the other keywords specified above. |
An array of keywords for characterizing / categorizing policy objects. Keywords are of one of two types: - Keywords defined in this and other MOFs, or in DMTF white papers. These keywords provide a vendor- independent, installation-independent way of characterizing policy objects. - Installation-dependent keywords for characterizing policy objects. Examples include \'Engineering\', \'Billing\', and \'Review in December 2000\'. This MOF defines the following keywords: \'UNKNOWN\', \'CONFIGURATION\', \'USAGE\', \'SECURITY\', \'SERVICE\', \'MOTIVATIONAL\', \'INSTALLATION\', and \'EVENT\'. These concepts are self-explanatory and are further discussed in the SLA/Policy White Paper. One additional keyword is defined: \'POLICY\'. The role of this keyword is to identify policy-related instances that may not be otherwise identifiable, in some implementations. The keyword \'POLICY\' is NOT mutually exclusive of the other keywords specified above. |
77 | An abstract class defining the common properties of the policy managed elements derived from CIM_Policy. The subclasses are used to create rules and groups of rules that work together to form a coherent set of policies within an administrative domain or set of domains. | An abstract class defining the common properties of the policy managed elements derived from CIM_Policy. The subclasses are used to create rules and groups of rules that work together to form a coherent set of policies within an administrative domain or set of domains. |
78 | PolicyDecisionStrategy defines the evaluation method used for policies contained in the PolicySet. There are two values currently defined: - \'First Matching\' (1) executes the actions of the first rule whose conditions evaluate to TRUE. The concept of \'first\' is determined by examining the priority of the rule within the policy set (i.e., by examining the property, PolicySetComponent.Priority). Note that this ordering property MUST be maintained when processing the PolicyDecisionStrategy. - \'All\' (2) executes the actions of ALL rules whose conditions evaluate to TRUE, in the set. As noted above, the order of processing of the rules is defined by the property, PolicySetComponent.Priority (and within a rule, the ordering of the actions is defined by the property, PolicyActionStructure.ActionOrder). Note that when this strategy is defined, processing MUST be completed of ALL rules whose conditions evaluate to TRUE, regardless of errors in the execution of the rule actions. |
PolicyDecisionStrategy defines the evaluation method used for policies contained in the PolicySet. There are two values currently defined: - \'First Matching\' (1) executes the actions of the first rule whose conditions evaluate to TRUE. The concept of \'first\' is determined by examining the priority of the rule within the policy set (i.e., by examining the property, PolicySetComponent.Priority). Note that this ordering property MUST be maintained when processing the PolicyDecisionStrategy. - \'All\' (2) executes the actions of ALL rules whose conditions evaluate to TRUE, in the set. As noted above, the order of processing of the rules is defined by the property, PolicySetComponent.Priority (and within a rule, the ordering of the actions is defined by the property, PolicyActionStructure.ActionOrder). Note that when this strategy is defined, processing MUST be completed of ALL rules whose conditions evaluate to TRUE, regardless of errors in the execution of the rule actions. |
79 | First Matching | First Matching |
80 | All | All |
81 | The PolicyRoles property represents the roles associated with a PolicySet. All contained PolicySet instances inherit the values of the PolicyRoles of the aggregating PolicySet but the values are not copied. A contained PolicySet instance may, however, add additional PolicyRoles to those it inherits from its aggregating PolicySet(s). Each value in PolicyRoles multi-valued property represents a role for which the PolicySet applies, i.e., the PolicySet should be used by any enforcement point that assumes any of the listed PolicyRoles values. Although not officially designated as \'role combinations\', multiple roles may be specified using the form: [&&]* where the individual role names appear in alphabetical order (according to the collating sequence for UCS-2). Implementations may treat PolicyRoles values that are specified as \'role combinations\' as simple strings. This property is deprecated in lieu of the use of an association, CIM_PolicySetInRoleCollection. The latter is a more explicit and less error-prone approach to modeling that a PolicySet has one or more PolicyRoles. |
The PolicyRoles property represents the roles associated with a PolicySet. All contained PolicySet instances inherit the values of the PolicyRoles of the aggregating PolicySet but the values are not copied. A contained PolicySet instance may, however, add additional PolicyRoles to those it inherits from its aggregating PolicySet(s). Each value in PolicyRoles multi-valued property represents a role for which the PolicySet applies, i.e., the PolicySet should be used by any enforcement point that assumes any of the listed PolicyRoles values. Although not officially designated as \'role combinations\', multiple roles may be specified using the form: [&&]* where the individual role names appear in alphabetical order (according to the collating sequence for UCS-2). Implementations may treat PolicyRoles values that are specified as \'role combinations\' as simple strings. This property is deprecated in lieu of the use of an association, CIM_PolicySetInRoleCollection. The latter is a more explicit and less error-prone approach to modeling that a PolicySet has one or more PolicyRoles. |
82 | Indicates whether this PolicySet is administratively enabled, administratively disabled, or enabled for debug. The "EnabledForDebug" property value is deprecated and, when it or any value not understood by the receiver is specified, the receiving enforcement point treats the PolicySet as "Disabled". To determine if a PolicySet is "Enabled", the containment hierarchy specified by the PolicySetComponent aggregation is examined and the Enabled property values of the hierarchy are ANDed together. Thus, for example, everything aggregated by a PolicyGroup may be disabled by setting the Enabled property in the PolicyGroup instance to "Disabled" without changing the Enabled property values of any of the aggregated instances. The default value is 1 ("Enabled"). | Indicates whether this PolicySet is administratively enabled, administratively disabled, or enabled for debug. The "EnabledForDebug" property value is deprecated and, when it or any value not understood by the receiver is specified, the receiving enforcement point treats the PolicySet as "Disabled". To determine if a PolicySet is "Enabled", the containment hierarchy specified by the PolicySetComponent aggregation is examined and the Enabled property values of the hierarchy are ANDed together. Thus, for example, everything aggregated by a PolicyGroup may be disabled by setting the Enabled property in the PolicyGroup instance to "Disabled" without changing the Enabled property values of any of the aggregated instances. The default value is 1 ("Enabled"). |
83 | Enabled | Enabled |
84 | Disabled | Disabled |
85 | Enabled For Debug | Enabled For Debug |
86 | PolicySet is an abstract class that represents a set of policies that form a coherent set. The set of contained policies has a common decision strategy and a common set of policy roles (defined via the PolicySetInRole Collection association). Subclasses include PolicyGroup and PolicyRule. | PolicySet is an abstract class that represents a set of policies that form a coherent set. The set of contained policies has a common decision strategy and a common set of policy roles (defined via the PolicySetInRole Collection association). Subclasses include PolicyGroup and PolicyRule. |
87 | 2.8.0 | 2.8.0 |
88 | The scoping System\'s CreationClassName. | The scoping System\'s CreationClassName. |
89 | The scoping System\'s Name. | The scoping System\'s Name. |
90 | A user-friendly name of this PolicyRule. | A user-friendly name of this PolicyRule. |
91 | Indicates whether the list of PolicyConditions associated with this PolicyRule is in disjunctive normal form (DNF), conjunctive normal form (CNF), or has no conditions (i.e., is an UnconditionalRule) and is automatically evaluated to "True." The default value is 1 ("DNF"). | Indicates whether the list of PolicyConditions associated with this PolicyRule is in disjunctive normal form (DNF), conjunctive normal form (CNF), or has no conditions (i.e., is an UnconditionalRule) and is automatically evaluated to "True." The default value is 1 ("DNF"). |
92 | Unconditional Rule | Unconditional Rule |
93 | DNF | DNF |
94 | CNF | CNF |
95 | A free-form string that can be used to provide guidelines on how this PolicyRule should be used. | A free-form string that can be used to provide guidelines on how this PolicyRule should be used. |
96 | PolicyRule.Priority is deprecated and replaced by providing the priority for a rule (and a group) in the context of the aggregating PolicySet instead of the priority being used for all aggregating PolicySet instances. Thus, the assignment of priority values is much simpler. A non-negative integer for prioritizing this Policy Rule relative to other Rules. A larger value indicates a higher priority. The default value is 0. |
PolicyRule.Priority is deprecated and replaced by providing the priority for a rule (and a group) in the context of the aggregating PolicySet instead of the priority being used for all aggregating PolicySet instances. Thus, the assignment of priority values is much simpler. A non-negative integer for prioritizing this Policy Rule relative to other Rules. A larger value indicates a higher priority. The default value is 0. |
97 | A flag indicating that the evaluation of the Policy Conditions and execution of PolicyActions (if the Conditions evaluate to TRUE) is required. The evaluation of a PolicyRule MUST be attempted if the Mandatory property value is TRUE. If the Mandatory property is FALSE, then the evaluation of the Rule is \'best effort\' and MAY be ignored. | A flag indicating that the evaluation of the Policy Conditions and execution of PolicyActions (if the Conditions evaluate to TRUE) is required. The evaluation of a PolicyRule MUST be attempted if the Mandatory property value is TRUE. If the Mandatory property is FALSE, then the evaluation of the Rule is \'best effort\' and MAY be ignored. |
98 | This property gives a policy administrator a way of specifying how the ordering of the PolicyActions associated with this PolicyRule is to be interpreted. Three values are supported: o mandatory(1): Do the actions in the indicated order, or don\'t do them at all. o recommended(2): Do the actions in the indicated order if you can, but if you can\'t do them in this order, do them in another order if you can. o dontCare(3): Do them -- I don\'t care about the order. The default value is 3 ("DontCare"). |
This property gives a policy administrator a way of specifying how the ordering of the PolicyActions associated with this PolicyRule is to be interpreted. Three values are supported: o mandatory(1): Do the actions in the indicated order, or don\'t do them at all. o recommended(2): Do the actions in the indicated order if you can, but if you can\'t do them in this order, do them in another order if you can. o dontCare(3): Do them -- I don\'t care about the order. The default value is 3 ("DontCare"). |
99 | Mandatory | Mandatory |
100 | Recommended | Recommended |
101 | Dont Care | Dont Care |
102 | ExecutionStrategy defines the strategy to be used in executing the sequenced actions aggregated by this PolicyRule. There are three execution strategies: Do Until Success - execute actions according to predefined order, until successful execution of a single action. Do All - execute ALL actions which are part of the modeled set, according to their predefined order. Continue doing this, even if one or more of the actions fails. Do Until Failure - execute actions according to predefined order, until the first failure in execution of an action instance. |
ExecutionStrategy defines the strategy to be used in executing the sequenced actions aggregated by this PolicyRule. There are three execution strategies: Do Until Success - execute actions according to predefined order, until successful execution of a single action. Do All - execute ALL actions which are part of the modeled set, according to their predefined order. Continue doing this, even if one or more of the actions fails. Do Until Failure - execute actions according to predefined order, until the first failure in execution of an action instance. |
103 | Do Until Success | Do Until Success |
104 | Do All | Do All |
105 | Do Until Failure | Do Until Failure |
106 | The central class used for representing the \'If Condition then Action\' semantics of a policy rule. A PolicyRule condition, in the most general sense, is represented as either an ORed set of ANDed conditions (Disjunctive Normal Form, or DNF) or an ANDed set of ORed conditions (Conjunctive Normal Form, or CNF). Individual conditions may either be negated (NOT C) or unnegated (C). The actions specified by a PolicyRule are to be performed if and only if the PolicyRule condition (whether it is represented in DNF or CNF) evaluates to TRUE. The conditions and actions associated with a PolicyRule are modeled, respectively, with subclasses of PolicyCondition and PolicyAction. These condition and action objects are tied to instances of PolicyRule by the PolicyConditionInPolicyRule and PolicyActionInPolicyRule aggregations. A PolicyRule may also be associated with one or more policy time periods, indicating the schedule according to which the policy rule is active and inactive. In this case it is the PolicySetValidityPeriod aggregation that provides this linkage. The PolicyRule class uses the property ConditionListType, to indicate whether the conditions for the rule are in DNF (disjunctive normal form), CNF (conjunctive normal form) or, in the case of a rule with no conditions, as an UnconditionalRule. The PolicyConditionInPolicyRule aggregation contains two additional properties to complete the representation of the Rule\'s conditional expression. The first of these properties is an integer to partition the referenced PolicyConditions into one or more groups, and the second is a Boolean to indicate whether a referenced Condition is negated. An example shows how ConditionListType and these two additional properties provide a unique representation of a set of PolicyConditions in either DNF or CNF. Suppose we have a PolicyRule that aggregates five PolicyConditions C1 through C5, with the following values in the properties of the five PolicyConditionInPolicyRule associations: C1: GroupNumber = 1, ConditionNegated = FALSE C2: GroupNumber = 1, ConditionNegated = TRUE C3: GroupNumber = 1, ConditionNegated = FALSE C4: GroupNumber = 2, ConditionNegated = FALSE C5: GroupNumber = 2, ConditionNegated = FALSE If ConditionListType = DNF, then the overall condition for the PolicyRule is: (C1 AND (NOT C2) AND C3) OR (C4 AND C5) On the other hand, if ConditionListType = CNF, then the overall condition for the PolicyRule is: (C1 OR (NOT C2) OR C3) AND (C4 OR C5) In both cases, there is an unambiguous specification of the overall condition that is tested to determine whether to perform the PolicyActions associated with the PolicyRule. PolicyRule instances may also be used to aggregate other PolicyRules and/or PolicyGroups. When used in this way to implement nested rules, the conditions of the aggregating rule apply to the subordinate rules as well. However, any side effects of condition evaluation or the execution of actions MUST NOT affect the result of the evaluation of other conditions evaluated by the rule engine in the same evaluation pass. That is, an implementation of a rule engine MAY evaluate all conditions in any order before applying the priority and determining which actions are to be executed. |
The central class used for representing the \'If Condition then Action\' semantics of a policy rule. A PolicyRule condition, in the most general sense, is represented as either an ORed set of ANDed conditions (Disjunctive Normal Form, or DNF) or an ANDed set of ORed conditions (Conjunctive Normal Form, or CNF). Individual conditions may either be negated (NOT C) or unnegated (C). The actions specified by a PolicyRule are to be performed if and only if the PolicyRule condition (whether it is represented in DNF or CNF) evaluates to TRUE. The conditions and actions associated with a PolicyRule are modeled, respectively, with subclasses of PolicyCondition and PolicyAction. These condition and action objects are tied to instances of PolicyRule by the PolicyConditionInPolicyRule and PolicyActionInPolicyRule aggregations. A PolicyRule may also be associated with one or more policy time periods, indicating the schedule according to which the policy rule is active and inactive. In this case it is the PolicySetValidityPeriod aggregation that provides this linkage. The PolicyRule class uses the property ConditionListType, to indicate whether the conditions for the rule are in DNF (disjunctive normal form), CNF (conjunctive normal form) or, in the case of a rule with no conditions, as an UnconditionalRule. The PolicyConditionInPolicyRule aggregation contains two additional properties to complete the representation of the Rule\'s conditional expression. The first of these properties is an integer to partition the referenced PolicyConditions into one or more groups, and the second is a Boolean to indicate whether a referenced Condition is negated. An example shows how ConditionListType and these two additional properties provide a unique representation of a set of PolicyConditions in either DNF or CNF. Suppose we have a PolicyRule that aggregates five PolicyConditions C1 through C5, with the following values in the properties of the five PolicyConditionInPolicyRule associations: C1: GroupNumber = 1, ConditionNegated = FALSE C2: GroupNumber = 1, ConditionNegated = TRUE C3: GroupNumber = 1, ConditionNegated = FALSE C4: GroupNumber = 2, ConditionNegated = FALSE C5: GroupNumber = 2, ConditionNegated = FALSE If ConditionListType = DNF, then the overall condition for the PolicyRule is: (C1 AND (NOT C2) AND C3) OR (C4 AND C5) On the other hand, if ConditionListType = CNF, then the overall condition for the PolicyRule is: (C1 OR (NOT C2) OR C3) AND (C4 OR C5) In both cases, there is an unambiguous specification of the overall condition that is tested to determine whether to perform the PolicyActions associated with the PolicyRule. PolicyRule instances may also be used to aggregate other PolicyRules and/or PolicyGroups. When used in this way to implement nested rules, the conditions of the aggregating rule apply to the subordinate rules as well. However, any side effects of condition evaluation or the execution of actions MUST NOT affect the result of the evaluation of other conditions evaluated by the rule engine in the same evaluation pass. That is, an implementation of a rule engine MAY evaluate all conditions in any order before applying the priority and determining which actions are to be executed. |
107 | LimitNegotiation is used as part of processing either a key exchange or IPsec Rule. Before proceeding with either a phase 1 or a phase 2 negotiation, this property is checked to determine if the negotiation role of the Rule matches that defined for the negotiation being undertaken (e.g., Initiator, Responder, or Both). If this check fails, then the negotiation is stopped. Note that this only applies to new negotiations and has no effect on either renegotiation or refresh operations with peers for which an established Security Association already exists. | LimitNegotiation is used as part of processing either a key exchange or IPsec Rule. Before proceeding with either a phase 1 or a phase 2 negotiation, this property is checked to determine if the negotiation role of the Rule matches that defined for the negotiation being undertaken (e.g., Initiator, Responder, or Both). If this check fails, then the negotiation is stopped. Note that this only applies to new negotiations and has no effect on either renegotiation or refresh operations with peers for which an established Security Association already exists. |
108 | Initiator-Only | Initiator-Only |
109 | Responder-Only | Responder-Only |
110 | Either | Either |
111 | SARule is a base class for defining IKE and IPsec Rules. Although concrete (because it subclasses from a concrete class), it is not intended to be instantiated. It defines a common connection point for associating conditions and actions for both types of rules. Note that each valid PolicyGroup containing SARules MUST use a unique priority number for the Rule in the aggregation, PolicySetComponent.Priority. | SARule is a base class for defining IKE and IPsec Rules. Although concrete (because it subclasses from a concrete class), it is not intended to be instantiated. It defines a common connection point for associating conditions and actions for both types of rules. Note that each valid PolicyGroup containing SARules MUST use a unique priority number for the Rule in the aggregation, PolicySetComponent.Priority. |
112 | Specifies which platforms the rule is applicable on. If null, the rule applies to all platforms (the default). Each entry takes the form Major.Minor+, for instance 6.0, 6.1+, or 6.2. If + is specified, then it means that the rule applies to that version or greater. For instance, Windows Vista could be represented as 6 or 6.0, and Windows 7 or later would be represented as 6.1+. + may only be attached to the final item in the list. 6.0+ is not valid because it means the same thing as null (all platforms). | Specifies which platforms the rule is applicable on. If null, the rule applies to all platforms (the default). Each entry takes the form Major.Minor+, for instance 6.0, 6.1+, or 6.2. If + is specified, then it means that the rule applies to that version or greater. For instance, Windows Vista could be represented as 6 or 6.0, and Windows 7 or later would be represented as 6.1+. + may only be attached to the final item in the list. 6.0+ is not valid because it means the same thing as null (all platforms). |
113 | The locale-independent name for the group that this rule belongs to. If this field is non-null, then Windows Firewall with Advanced Security assumes that this rule belongs to a Windows component or an installed application, and some parts of the rule are protected (including but not limited to the Name, Description, Program, and Service). | The locale-independent name for the group that this rule belongs to. If this field is non-null, then Windows Firewall with Advanced Security assumes that this rule belongs to a Windows component or an installed application, and some parts of the rule are protected (including but not limited to the Name, Description, Program, and Service). |
114 | The localized name of this rule. This field's value is based on the value of ElementName. Changes to this field are ignored. | The localized name of this rule. This field's value is based on the value of ElementName. Changes to this field are ignored. |
115 | The group that this rule belongs to. This field is based on the value of RuleGroup and changes to this field are ignored. | The group that this rule belongs to. This field is based on the value of RuleGroup and changes to this field are ignored. |
116 | Which profiles this rule is active on. | Which profiles this rule is active on. |
117 | Any | Any |
118 | Public | Public |
119 | Private | Private |
120 | Domain | Domain |
121 | The InstanceID of the MainModeCryptoSet to use for Main Mode. | The InstanceID of the MainModeCryptoSet to use for Main Mode. |
122 | The InstanceID of the QuickModeCryptoSet to use for Quick Mode. | The InstanceID of the QuickModeCryptoSet to use for Quick Mode. |
123 | The InstanceID of the Phase1AuthenticationSet to use for Phase 1 auth. | The InstanceID of the Phase1AuthenticationSet to use for Phase 1 auth. |
124 | The InstanceID of the Phase2AuthenticationSet to use for Phase 2 auth. | The InstanceID of the Phase2AuthenticationSet to use for Phase 2 auth. |
125 | PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. PrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "OK" indicates the ManagedElement is functioning normally. "Degraded" indicates the ManagedElement is functioning below normal. "Error" indicates the ManagedElement is in an Error condition. |
PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. PrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "OK" indicates the ManagedElement is functioning normally. "Degraded" indicates the ManagedElement is functioning below normal. "Error" indicates the ManagedElement is in an Error condition. |
126 | The detailed status of the rule, as a numeric error code. | The detailed status of the rule, as a numeric error code. |
127 | The detailed status of the rule, as a string. | The detailed status of the rule, as a string. |
128 | If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule. | If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule. |
129 | Invalid | Invalid |
130 | Full | Full |
131 | FirewallOffInProfile | FirewallOffInProfile |
132 | CategoryOff | CategoryOff |
133 | DisabledObject | DisabledObject |
134 | InactiveProfile | InactiveProfile |
135 | LocalAddressResolutionEmpty | LocalAddressResolutionEmpty |
136 | RemoteAddressResolutionEmpty | RemoteAddressResolutionEmpty |
137 | LocalPortResolutionEmpty | LocalPortResolutionEmpty |
138 | RemotePortResolutionEmpty | RemotePortResolutionEmpty |
139 | InterfaceResolutionEmpty | InterfaceResolutionEmpty |
140 | ApplicationResolutionEmpty | ApplicationResolutionEmpty |
141 | RemoteMachineEmpty | RemoteMachineEmpty |
142 | RemoteUserEmpty | RemoteUserEmpty |
143 | LocalGlobalOpenPortsDisallowed | LocalGlobalOpenPortsDisallowed |
144 | LocalAuthorizedApplicationsDisallowed | LocalAuthorizedApplicationsDisallowed |
145 | LocalFirewallRulesDisallowed | LocalFirewallRulesDisallowed |
146 | LocalConsecRulesDisallowed | LocalConsecRulesDisallowed |
147 | NotTargetPlatform | NotTargetPlatform |
148 | OptimizedOut | OptimizedOut |
149 | LocalUserEmpty | LocalUserEmpty |
150 | TransportMachinesEmpty | TransportMachinesEmpty |
151 | TunnelMachinesEmpty | TunnelMachinesEmpty |
152 | TupleResolutionEmpty | TupleResolutionEmpty |
153 | If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from. | If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from. |
154 | If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from. | If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from. |
155 | Represents an IPsec Rule. Subtypes differentiate between Connection Security Rules (MSFT_NetConSecRule) and Main Mode Rules (MSFT_NetMainModeRule). | Represents an IPsec Rule. Subtypes differentiate between Connection Security Rules (MSFT_NetConSecRule) and Main Mode Rules (MSFT_NetMainModeRule). |
156 | Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following "preferred" algorithm: : Where and are separated by a colon (:), and where must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness, must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between and . is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If the above "preferred" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance. For DMTF-defined instances, the "preferred" algorithm must be used with the set to CIM. |
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following "preferred" algorithm: : Where and are separated by a colon (:), and where must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness, must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between and . is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If the above "preferred" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance. For DMTF-defined instances, the "preferred" algorithm must be used with the set to CIM. |
157 | The user-friendly name for this instance of SettingData. In addition, the user-friendly name can be used as an index property for a search or query. (Note: The name does not have to be unique within a namespace.) | The user-friendly name for this instance of SettingData. In addition, the user-friendly name can be used as an index property for a search or query. (Note: The name does not have to be unique within a namespace.) |
158 | CIM_SettingData is used to represent configuration and and operational parameters for CIM_ManagedElement instances. There are a number of different uses of CIM_SettingData supported in the model today. Additional uses may be defined in the future. Instances of CIM_SettingData may represent Aspects of a CIM_ManagedElement instance. This is modeled using the CIM_SettingsDefineState association. CIM_SettingData may be used to define capabilities when associated to an instance of CIM_Capabilities through the CIM_SettingsDefineCapabilities association. Instances of CIM_SettingData may represent different types of configurations for a CIM_ManagedElement, including persistent configurations, in progress configuration changes, or requested configurations. The CIM_ElementSettingData association is used to model the relationship between a CIM_SettingData instance and the CIM_ManagedElement for which it is a configuration. When an instance of CIM_SettingData represents a configuration, the current operational values for the parameters of the element are reflected by properties in the Element itself or by properties in its associations. These properties do not have to be the same values that are present in the SettingData object. For example, a modem might have a SettingData baud rate of 56Kb/sec but be operating at 19.2Kb/sec. Note: The CIM_SettingData class is very similar to CIM_Setting, yet both classes are present in the model because many implementations have successfully used CIM_Setting. However, issues have arisen that could not be resolved without defining a new class. Therefore, until a new major release occurs, both classes will exist in the model. Refer to the Core White Paper for additional information. SettingData instances can be aggregated together into higher- level SettingData objects using ConcreteComponent associations. |
CIM_SettingData is used to represent configuration and and operational parameters for CIM_ManagedElement instances. There are a number of different uses of CIM_SettingData supported in the model today. Additional uses may be defined in the future. Instances of CIM_SettingData may represent Aspects of a CIM_ManagedElement instance. This is modeled using the CIM_SettingsDefineState association. CIM_SettingData may be used to define capabilities when associated to an instance of CIM_Capabilities through the CIM_SettingsDefineCapabilities association. Instances of CIM_SettingData may represent different types of configurations for a CIM_ManagedElement, including persistent configurations, in progress configuration changes, or requested configurations. The CIM_ElementSettingData association is used to model the relationship between a CIM_SettingData instance and the CIM_ManagedElement for which it is a configuration. When an instance of CIM_SettingData represents a configuration, the current operational values for the parameters of the element are reflected by properties in the Element itself or by properties in its associations. These properties do not have to be the same values that are present in the SettingData object. For example, a modem might have a SettingData baud rate of 56Kb/sec but be operating at 19.2Kb/sec. Note: The CIM_SettingData class is very similar to CIM_Setting, yet both classes are present in the model because many implementations have successfully used CIM_Setting. However, issues have arisen that could not be resolved without defining a new class. Therefore, until a new major release occurs, both classes will exist in the model. Refer to the Core White Paper for additional information. SettingData instances can be aggregated together into higher- level SettingData objects using ConcreteComponent associations. |
159 | Reserved for internal use by the WMI provider only | Reserved for internal use by the WMI provider only |
160 | Action | Action |
161 | Add | Add |
162 | Delete | Delete |
163 | Array of V6 addresses | Array of V6 addresses |
164 | Array of V4 addresses | Array of V4 addresses |
165 | Policy Store | Policy Store |
166 | IPsec rule name | IPsec rule name |
167 | endpoint type | endpoint type |
168 | Endpoint1 | Endpoint1 |
169 | Endpoint2 | Endpoint2 |
170 | Array of names that failed name resolution | Array of names that failed name resolution |
171 | The DisplayName of the IPsec rule. | The DisplayName of the IPsec rule. |
172 | IPSec policy delta | IPSec policy delta |
173 | A brief description of the rule. May be an indirect string. If it is an indirect string, then it may not be overwritten. | A brief description of the rule. May be an indirect string. If it is an indirect string, then it may not be overwritten. |
174 | The locale-independent name of the rule. May be an indirect string. | The locale-independent name of the rule. May be an indirect string. |
175 | Indicates whether this rule is administratively enabled or disabled. | Indicates whether this rule is administratively enabled or disabled. |
176 | The IPsec Encapsulation Mode that should be used. | The IPsec Encapsulation Mode that should be used. |
177 | Transport Mode | Transport Mode |
178 | Tunnel Mode | Tunnel Mode |
179 | Whether to allow Trusted Intermediaries to set the key of SA's created by this rule. | Whether to allow Trusted Intermediaries to set the key of SA's created by this rule. |
180 | Whether to allow Trusted Intermediaries to be notified when the encryption keys for this SA change. | Whether to allow Trusted Intermediaries to be notified when the encryption keys for this SA change. |
181 | The maximum lifetime, in seconds, for SA's created by this rule across the forwarding path. | The maximum lifetime, in seconds, for SA's created by this rule across the forwarding path. |
182 | Determines how aggressively to enforce security on inbound traffic. | Determines how aggressively to enforce security on inbound traffic. |
183 | Never | Never |
184 | Request | Request |
185 | Require | Require |
186 | Determines how aggressively to enforce security on outbound traffic. | Determines how aggressively to enforce security on outbound traffic. |
187 | Which keying modules to use. | Which keying modules to use. |
188 | IKEv1 | IKEv1 |
189 | IKEv2 | IKEv2 |
190 | AuthIP | AuthIP |
191 | Require authorization for endpoints. The authorization list is part of the IPsec Globals. | Require authorization for endpoints. The authorization list is part of the IPsec Globals. |
192 | Authorized users for transport mode, specified as an SDDL string. | Authorized users for transport mode, specified as an SDDL string. |
193 | Authorized machines for transport mode, specified as an SDDL string. | Authorized machines for transport mode, specified as an SDDL string. |
194 | The local tunnel endpoint address. | The local tunnel endpoint address. |
195 | A Fully-Qualified Domain Name that resolves to a list of allowed Remote Endpoints. If present, the value in RemoteEndpoint will be used initially, but will be replaced with all the IP addresses that this name resolves to. | A Fully-Qualified Domain Name that resolves to a list of allowed Remote Endpoints. If present, the value in RemoteEndpoint will be used initially, but will be replaced with all the IP addresses that this name resolves to. |
196 | The remote tunnel endpoint(s). | The remote tunnel endpoint(s). |
197 | Allow traffic that is already encrypted to bypass the tunnel. | Allow traffic that is already encrypted to bypass the tunnel. |
198 | Synchronize IPsec policy | Synchronize IPsec policy |
199 | Servers | Servers |
200 | Domains | Domains |
201 | Endpoint type | Endpoint type |
202 | Types of addresses | Types of addresses |
203 | IPv4 | IPv4 |
204 | IPv6 | IPv6 |
205 | Servers to perform name resolution against | Servers to perform name resolution against |
206 | Delta collection | Delta collection |
207 | Apply IPsec policy deltas | Apply IPsec policy deltas |
208 | IPv6 Addresses | IPv6 Addresses |
209 | IPv4 Addresses | IPv4 Addresses |
210 | PassThru | PassThru |
211 | Output NetConSecRule | Output NetConSecRule |
212 | Enumerate all parts of all rules | Enumerate all parts of all rules |
213 | Finds the rules that will be used to secure the specified traffic. | Finds the rules that will be used to secure the specified traffic. |
214 | Enable this rule. | Enable this rule. |
215 | Disable this rule. | Disable this rule. |
216 | Rename this rule. | Rename this rule. |
217 | The new name for the rule. | The new name for the rule. |
218 | Copy this rule. | Copy this rule. |
219 | The new policy store for the rule. | The new policy store for the rule. |
220 | The new GPOSession for the rule. | The new GPOSession for the rule. |
221 | A Connection Security Rule. | A Connection Security Rule. |
222 | The parent element in the association. | The parent element in the association. |
223 | The child element in the association. | The child element in the association. |
224 | CIM_Component is a generic association used to establish \'part of\' relationships between Managed Elements. For example, it could be used to define the components or parts of a System. | CIM_Component is a generic association used to establish \'part of\' relationships between Managed Elements. For example, it could be used to define the components or parts of a System. |
225 | The parent Policy in the association. | The parent Policy in the association. |
226 | The child/part Policy in the association. | The child/part Policy in the association. |
227 | CIM_PolicyComponent is a generic association used to establish \'part of\' relationships between the subclasses of CIM_Policy. For example, the PolicyConditionInPolicyRule association defines that PolicyConditions are part of a PolicyRule. | CIM_PolicyComponent is a generic association used to establish \'part of\' relationships between the subclasses of CIM_Policy. For example, the PolicyConditionInPolicyRule association defines that PolicyConditions are part of a PolicyRule. |
228 | The name of the class or the subclass used in the creation of the System object in whose scope this PolicyAction is defined. This property helps to identify the System object in whose scope this instance of PolicyAction exists. For a rule-specific PolicyAction, this is the System in whose context the PolicyRule is defined. For a reusable PolicyAction, this is the instance of PolicyRepository (which is a subclass of System) that holds the Action. Note that this property, and the analogous property SystemName, do not represent propagated keys from an instance of the class System. Instead, they are properties defined in the context of this class, which repeat the values from the instance of System to which this PolicyAction is related, either directly via the PolicyActionInPolicyRepository association or indirectly via the PolicyActionInPolicyRule aggregation. |
The name of the class or the subclass used in the creation of the System object in whose scope this PolicyAction is defined. This property helps to identify the System object in whose scope this instance of PolicyAction exists. For a rule-specific PolicyAction, this is the System in whose context the PolicyRule is defined. For a reusable PolicyAction, this is the instance of PolicyRepository (which is a subclass of System) that holds the Action. Note that this property, and the analogous property SystemName, do not represent propagated keys from an instance of the class System. Instead, they are properties defined in the context of this class, which repeat the values from the instance of System to which this PolicyAction is related, either directly via the PolicyActionInPolicyRepository association or indirectly via the PolicyActionInPolicyRule aggregation. |
229 | The name of the System object in whose scope this PolicyAction is defined. This property completes the identification of the System object in whose scope this instance of PolicyAction exists. For a rule-specific PolicyAction, this is the System in whose context the PolicyRule is defined. For a reusable PolicyAction, this is the instance of PolicyRepository (which is a subclass of System) that holds the Action. |
The name of the System object in whose scope this PolicyAction is defined. This property completes the identification of the System object in whose scope this instance of PolicyAction exists. For a rule-specific PolicyAction, this is the System in whose context the PolicyRule is defined. For a reusable PolicyAction, this is the instance of PolicyRepository (which is a subclass of System) that holds the Action. |
230 | For a rule-specific PolicyAction, the CreationClassName of the PolicyRule object with which this Action is associated. For a reusable PolicyAction, a special value, \'NO RULE\', should be used to indicate that this Action is reusable and not associated with a single PolicyRule. | For a rule-specific PolicyAction, the CreationClassName of the PolicyRule object with which this Action is associated. For a reusable PolicyAction, a special value, \'NO RULE\', should be used to indicate that this Action is reusable and not associated with a single PolicyRule. |
231 | For a rule-specific PolicyAction, the name of the PolicyRule object with which this Action is associated. For a reusable PolicyAction, a special value, \'NO RULE\', should be used to indicate that this Action is reusable and not associated with a single PolicyRule. | For a rule-specific PolicyAction, the name of the PolicyRule object with which this Action is associated. For a reusable PolicyAction, a special value, \'NO RULE\', should be used to indicate that this Action is reusable and not associated with a single PolicyRule. |
232 | A user-friendly name of this PolicyAction. | A user-friendly name of this PolicyAction. |
233 | DoActionLogging causes a log message to be generated when the action is performed. | DoActionLogging causes a log message to be generated when the action is performed. |
234 | A class representing a rule-specific or reusable policy action to be performed if the PolicyConditions for a Policy Rule evaluate to TRUE. Since all operational details of a PolicyAction are provided in subclasses of this object, this class is abstract. | A class representing a rule-specific or reusable policy action to be performed if the PolicyConditions for a Policy Rule evaluate to TRUE. Since all operational details of a PolicyAction are provided in subclasses of this object, this class is abstract. |
235 | PolicyAction instances may be aggregated into either PolicyRule instances or CompoundPolicyAction instances. | PolicyAction instances may be aggregated into either PolicyRule instances or CompoundPolicyAction instances. |
236 | A PolicyAction aggregated by a PolicyRule or CompoundPolicyAction. | A PolicyAction aggregated by a PolicyRule or CompoundPolicyAction. |
237 | ActionOrder is an unsigned integer \'n\' that indicates the relative position of a PolicyAction in the sequence of actions associated with a PolicyRule or CompoundPolicyAction. When \'n\' is a positive integer, it indicates a place in the sequence of actions to be performed, with smaller integers indicating earlier positions in the sequence. The special value \'0\' indicates \'don\'t care\'. If two or more PolicyActions have the same non-zero sequence number, they may be performed in any order, but they must all be performed at the appropriate place in the overall action sequence. A series of examples will make ordering of PolicyActions clearer: o If all actions have the same sequence number, regardless of whether it is \'0\' or non-zero, any order is acceptable. o The values: 1:ACTION A 2:ACTION B 1:ACTION C 3:ACTION D indicate two acceptable orders: A,C,B,D or C,A,B,D, since A and C can be performed in either order, but only at the \'1\' position. o The values: 0:ACTION A 2:ACTION B 3:ACTION C 3:ACTION D require that B,C, and D occur either as B,C,D or as B,D,C. Action A may appear at any point relative to B, C, and D. Thus the complete set of acceptable orders is: A,B,C,D; B,A,C,D; B,C,A,D; B,C,D,A; A,B,D,C; B,A,D,C; B,D,A,C; B,D,C,A. Note that the non-zero sequence numbers need not start with \'1\', and they need not be consecutive. All that matters is their relative magnitude. |
ActionOrder is an unsigned integer \'n\' that indicates the relative position of a PolicyAction in the sequence of actions associated with a PolicyRule or CompoundPolicyAction. When \'n\' is a positive integer, it indicates a place in the sequence of actions to be performed, with smaller integers indicating earlier positions in the sequence. The special value \'0\' indicates \'don\'t care\'. If two or more PolicyActions have the same non-zero sequence number, they may be performed in any order, but they must all be performed at the appropriate place in the overall action sequence. A series of examples will make ordering of PolicyActions clearer: o If all actions have the same sequence number, regardless of whether it is \'0\' or non-zero, any order is acceptable. o The values: 1:ACTION A 2:ACTION B 1:ACTION C 3:ACTION D indicate two acceptable orders: A,C,B,D or C,A,B,D, since A and C can be performed in either order, but only at the \'1\' position. o The values: 0:ACTION A 2:ACTION B 3:ACTION C 3:ACTION D require that B,C, and D occur either as B,C,D or as B,D,C. Action A may appear at any point relative to B, C, and D. Thus the complete set of acceptable orders is: A,B,C,D; B,A,C,D; B,C,A,D; B,C,D,A; A,B,D,C; B,A,D,C; B,D,A,C; B,D,C,A. Note that the non-zero sequence numbers need not start with \'1\', and they need not be consecutive. All that matters is their relative magnitude. |
238 | PolicyActions may be aggregated into rules and into compound actions. PolicyActionStructure is the abstract aggregation class for the structuring of policy actions. | PolicyActions may be aggregated into rules and into compound actions. PolicyActionStructure is the abstract aggregation class for the structuring of policy actions. |
239 | This property represents the PolicyRule that contains one or more PolicyActions. | This property represents the PolicyRule that contains one or more PolicyActions. |
240 | This property holds the name of a PolicyAction contained by one or more PolicyRules. | This property holds the name of a PolicyAction contained by one or more PolicyRules. |
241 | A PolicyRule aggregates zero or more instances of the PolicyAction class, via the PolicyActionInPolicyRule association. A Rule that aggregates zero Actions is not valid--it may, however, be in the process of being entered into a PolicyRepository or being defined for a System. Alternately, the actions of the policy may be explicit in the definition of the PolicyRule. Note that a PolicyRule should have no effect until it is valid. The Actions associated with a PolicyRule may be given a required order, a recommended order, or no order at all. For Actions represented as separate objects, the PolicyActionInPolicyRule aggregation can be used to express an order. This aggregation does not indicate whether a specified action order is required, recommended, or of no significance; the property SequencedActions in the aggregating instance of PolicyRule provides this indication. |
A PolicyRule aggregates zero or more instances of the PolicyAction class, via the PolicyActionInPolicyRule association. A Rule that aggregates zero Actions is not valid--it may, however, be in the process of being entered into a PolicyRepository or being defined for a System. Alternately, the actions of the policy may be explicit in the definition of the PolicyRule. Note that a PolicyRule should have no effect until it is valid. The Actions associated with a PolicyRule may be given a required order, a recommended order, or no order at all. For Actions represented as separate objects, the PolicyActionInPolicyRule aggregation can be used to express an order. This aggregation does not indicate whether a specified action order is required, recommended, or of no significance; the property SequencedActions in the aggregating instance of PolicyRule provides this indication. |
242 | DoPacketLogging causes a log message to be generated when the action is applied to a packet. | DoPacketLogging causes a log message to be generated when the action is applied to a packet. |
243 | SAAction is the base class for the various types of key exchange or IPsec actions. It is abstract and used to categorize the different types of actions of SARules. | SAAction is the base class for the various types of key exchange or IPsec actions. It is abstract and used to categorize the different types of actions of SARules. |
244 | The IPsec rule. | The IPsec rule. |
245 | The auth/crypto sets. | The auth/crypto sets. |
246 | Links an IPsec rule to its auth and crypto sets. | Links an IPsec rule to its auth and crypto sets. |
247 | MinLifetimeSeconds prevents certain denial of service attacks where the peer requests an arbitrarily low lifetime value, causing renegotiations with expensive Diffie-Hellman operations. The property specifies the minimum lifetime, in seconds, that will be accepted from the peer. A value of zero (the default) indicates that there is no minimum value. A non-zero value specifies the minimum seconds lifetime. | MinLifetimeSeconds prevents certain denial of service attacks where the peer requests an arbitrarily low lifetime value, causing renegotiations with expensive Diffie-Hellman operations. The property specifies the minimum lifetime, in seconds, that will be accepted from the peer. A value of zero (the default) indicates that there is no minimum value. A non-zero value specifies the minimum seconds lifetime. |
248 | Seconds | Seconds |
249 | IdleDurationSeconds is the time an SA can remain idle (i.e., no traffic protected using the security association) before it is automatically deleted. The default (zero) value indicates that there is no idle duration timer and that the SA is deleted based upon the SA seconds and kilobyte lifetimes. Any non-zero value indicates the number of seconds that the SA may remain unused. | IdleDurationSeconds is the time an SA can remain idle (i.e., no traffic protected using the security association) before it is automatically deleted. The default (zero) value indicates that there is no idle duration timer and that the SA is deleted based upon the SA seconds and kilobyte lifetimes. Any non-zero value indicates the number of seconds that the SA may remain unused. |
250 | MinLifetimeKilobytes prevents certain denial of service attacks where the peer requests an arbitrarily low lifetime value, causing renegotiations with expensive Diffie-Hellman operations. The property specifies the minimum lifetime, in kilobytes, that will be accepted from the peer. A value of zero (the default) indicates that there is no minimum value. A non-zero value specifies the minimum kilobytes lifetime. Note that there has been considerable debate regarding the usefulness of applying kilobyte lifetimes to phase 1 security associations, so it is likely that this property will only apply to the subclass, IPsecAction. | MinLifetimeKilobytes prevents certain denial of service attacks where the peer requests an arbitrarily low lifetime value, causing renegotiations with expensive Diffie-Hellman operations. The property specifies the minimum lifetime, in kilobytes, that will be accepted from the peer. A value of zero (the default) indicates that there is no minimum value. A non-zero value specifies the minimum kilobytes lifetime. Note that there has been considerable debate regarding the usefulness of applying kilobyte lifetimes to phase 1 security associations, so it is likely that this property will only apply to the subclass, IPsecAction. |
251 | KiloBytes | KiloBytes |
252 | SANegotiationAction is the base class for negotiated SAs. It is abstract, specifying the common parameters that control the IPsec phase 1 and phase 2 negotiations. | SANegotiationAction is the base class for negotiated SAs. It is abstract, specifying the common parameters that control the IPsec phase 1 and phase 2 negotiations. |
253 | The ExchangeMode designates the mode IKE should use for its key negotiations. | The ExchangeMode designates the mode IKE should use for its key negotiations. |
254 | Base | Base |
255 | Main | Main |
256 | Aggressive | Aggressive |
257 | UseIKEIdentityType specifies what network identity type should be used when negotiating with the peer. It is used in conjunction with the available IPNetworkIdentity instances, that are associated with an IPProtocolEndpoint. | UseIKEIdentityType specifies what network identity type should be used when negotiating with the peer. It is used in conjunction with the available IPNetworkIdentity instances, that are associated with an IPProtocolEndpoint. |
258 | IPV4 Address | IPV4 Address |
259 | FQDN | FQDN |
260 | User FQDN | User FQDN |
261 | IPV4 Subnet Address | IPV4 Subnet Address |
262 | IPV6 Address | IPV6 Address |
263 | IPV6 Subnet Address | IPV6 Subnet Address |
264 | IPV4 Address Range | IPV4 Address Range |
265 | IPV6 Address Range | IPV6 Address Range |
266 | DER ASN1 DN | DER ASN1 DN |
267 | DER ASN1 GN | DER ASN1 GN |
268 | KEY ID | KEY ID |
269 | VendorID specifies the value to be used in the Vendor ID payload. An empty string (the default) means that the Vendor ID payload will not be generated or accepted. A non-NULL value means that a Vendor ID payload will be generated (when acting as an initiator) or is expected (when acting as a responder). | VendorID specifies the value to be used in the Vendor ID payload. An empty string (the default) means that the Vendor ID payload will not be generated or accepted. A non-NULL value means that a Vendor ID payload will be generated (when acting as an initiator) or is expected (when acting as a responder). |
270 | When IKEAction.ExchangeMode is set to "Aggressive" (4), this property specifies the key exchange groupID to use in the first packets of the phase 1 negotiation. This property is ignored unless the ExchangeMode is \'aggressive\'. If the GroupID number is from the vendor- specific range (32768-65535), the VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\'768 bit prime\', Group 2=\'1024 bit prime\', Group 3=\'Elliptic Curve Group with 155 bit field element\', Group 4=\'Large Elliptic Curve Group with 185 bit field element\', and Group 5=\'1536 bit prime\'. | When IKEAction.ExchangeMode is set to "Aggressive" (4), this property specifies the key exchange groupID to use in the first packets of the phase 1 negotiation. This property is ignored unless the ExchangeMode is \'aggressive\'. If the GroupID number is from the vendor- specific range (32768-65535), the VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\'768 bit prime\', Group 2=\'1024 bit prime\', Group 3=\'Elliptic Curve Group with 155 bit field element\', Group 4=\'Large Elliptic Curve Group with 185 bit field element\', and Group 5=\'1536 bit prime\'. |
271 | No Group/Non-Diffie-Hellman Exchange | No Group/Non-Diffie-Hellman Exchange |
272 | DH-768 bit prime | DH-768 bit prime |
273 | DH-1024 bit prime | DH-1024 bit prime |
274 | EC2N-155 bit field element | EC2N-155 bit field element |
275 | EC2N-185 bit field element | EC2N-185 bit field element |
276 | DH-1536 bit prime | DH-1536 bit prime |
277 | Standard Group - Reserved | Standard Group - Reserved |
278 | IKEAction specifies the parameters to use for an IPsec IKE phase 1 negotiation. | IKEAction specifies the parameters to use for an IPsec IKE phase 1 negotiation. |
279 | The ScopedSettingData class represents the general concept of SettingData, which is scoped or contained by a ManagedElement (that is, settings that are specifically defined for a system, device, and so on). ScopedSettingData is tied to a ManagedElement using the ScopedSetting association. Note that the cardinality of the ManagedElement reference is Min(1), Max(1). This cardinality mandates the instantiation of the ScopedSetting association for the referenced instance of ScopedSettingData. ScopedSetting describes the existence requirements and context for the referenced instance of ManagedElement. Specifically, the ManagedElement must exist and it provides the context for the ScopedSettingData. | The ScopedSettingData class represents the general concept of SettingData, which is scoped or contained by a ManagedElement (that is, settings that are specifically defined for a system, device, and so on). ScopedSettingData is tied to a ManagedElement using the ScopedSetting association. Note that the cardinality of the ManagedElement reference is Min(1), Max(1). This cardinality mandates the instantiation of the ScopedSetting association for the referenced instance of ScopedSettingData. ScopedSetting describes the existence requirements and context for the referenced instance of ManagedElement. Specifically, the ManagedElement must exist and it provides the context for the ScopedSettingData. |
280 | 2.10.0 | 2.10.0 |
281 | SAProposal is a base class defining the common properties of, and anchoring common associations for, IPsec phase 1 and phase 2 proposals. It is defined as a kind of ScopedSettingData (scoped by a ComputerSystem or AdminDomain), since its subclasses define sets of IPsec properties that MUST be applied together, if negotiated. This subclassing is different than that defined in IETF\'s IPSP Policy draft - where it is subclassed from Policy. The definition as SettingData is more consistent with the application of the properties as a set, to the negotiated Security Association. To indicate that \'this\' proposaltransform is negotiated for a Security Association, use the ElementSettingData to associate the proposal and the SA. | SAProposal is a base class defining the common properties of, and anchoring common associations for, IPsec phase 1 and phase 2 proposals. It is defined as a kind of ScopedSettingData (scoped by a ComputerSystem or AdminDomain), since its subclasses define sets of IPsec properties that MUST be applied together, if negotiated. This subclassing is different than that defined in IETF\'s IPSP Policy draft - where it is subclassed from Policy. The definition as SettingData is more consistent with the application of the properties as a set, to the negotiated Security Association. To indicate that \'this\' proposaltransform is negotiated for a Security Association, use the ElementSettingData to associate the proposal and the SA. |
282 | MaxLifetimeSeconds specifies the maximum time the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero indicates that the default of 8 hours be used. A non-zero value indicates the maximum seconds lifetime. | MaxLifetimeSeconds specifies the maximum time the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero indicates that the default of 8 hours be used. A non-zero value indicates the maximum seconds lifetime. |
283 | MaxLifetimeKilobytes specifies the maximum kilobyte lifetime the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero (the default) indicates that there should be no maximum kilobyte lifetime. A non-zero value specifies the desired kilobyte lifetime. | MaxLifetimeKilobytes specifies the maximum kilobyte lifetime the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero (the default) indicates that there should be no maximum kilobyte lifetime. A non-zero value specifies the desired kilobyte lifetime. |
284 | CipherAlgorithm is an enumeration that specifies the proposed encryption algorithm. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.CipherAlgorithm. | CipherAlgorithm is an enumeration that specifies the proposed encryption algorithm. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.CipherAlgorithm. |
285 | DES | DES |
286 | IDEA | IDEA |
287 | Blowfish | Blowfish |
288 | RC5 | RC5 |
289 | 3DES | 3DES |
290 | CAST | CAST |
291 | DMTF/IANA Reserved | DMTF/IANA Reserved |
292 | Description of the encryption algorithm when the value 1 ("Other") is specified for the property, CipherAlgorithm. | Description of the encryption algorithm when the value 1 ("Other") is specified for the property, CipherAlgorithm. |
293 | HashAlgorithm is an enumeration that specifies the proposed hash function. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.HashAlgorithm. | HashAlgorithm is an enumeration that specifies the proposed hash function. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.HashAlgorithm. |
294 | MD5 | MD5 |
295 | SHA-1 | SHA-1 |
296 | Tiger | Tiger |
297 | Description of the hash function when the value 1 ("Other") is specified for the property, HashAlgorithm. | Description of the hash function when the value 1 ("Other") is specified for the property, HashAlgorithm. |
298 | AuthenticationMethod is an enumeration that specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod. There is one change to the list - the value 65000 has special meaning. It is a special value that indicates that this particular proposal should be repeated once for each authentication method corresponding to credentials installed on the machine. For example, if the system has a pre-shared key and an public-key certificate, a proposal list would be constructed which includes a proposal that specifies a pre-shared key and a proposal for any of the public-key certificates. | AuthenticationMethod is an enumeration that specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod. There is one change to the list - the value 65000 has special meaning. It is a special value that indicates that this particular proposal should be repeated once for each authentication method corresponding to credentials installed on the machine. For example, if the system has a pre-shared key and an public-key certificate, a proposal list would be constructed which includes a proposal that specifies a pre-shared key and a proposal for any of the public-key certificates. |
299 | Pre-shared Key | Pre-shared Key |
300 | DSS Signatures | DSS Signatures |
301 | RSA Signatures | RSA Signatures |
302 | Encryption with RSA | Encryption with RSA |
303 | Revised Encryption with RSA | Revised Encryption with RSA |
304 | Description of the method when the value 1 ("Other") is specified for the property, AuthenticationMethod. | Description of the method when the value 1 ("Other") is specified for the property, AuthenticationMethod. |
305 | The property GroupId specifies the proposed phase 1 security association key exchange group. This property is ignored for all aggressive mode exchanges (IKEAction.ExchangeMode = 4). If the GroupID number is from the vendor-specific range (32768-65535), the property VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\'768 bit prime\', Group 2=\'1024 bit prime\', Group 3 =\'Elliptic Curve Group with 155 bit field element\', Group 4= \'Large Elliptic Curve Group with 185 bit field element\', and Group 5=\'1536 bit prime\'. | The property GroupId specifies the proposed phase 1 security association key exchange group. This property is ignored for all aggressive mode exchanges (IKEAction.ExchangeMode = 4). If the GroupID number is from the vendor-specific range (32768-65535), the property VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\'768 bit prime\', Group 2=\'1024 bit prime\', Group 3 =\'Elliptic Curve Group with 155 bit field element\', Group 4= \'Large Elliptic Curve Group with 185 bit field element\', and Group 5=\'1536 bit prime\'. |
306 | VendorID identifies the vendor when the value of GroupID is in the vendor-specific range, 32768 to 65535. | VendorID identifies the vendor when the value of GroupID is in the vendor-specific range, 32768 to 65535. |
307 | IKEProposal contains the parameters necessary to drive the phase 1 IKE negotiation. | IKEProposal contains the parameters necessary to drive the phase 1 IKE negotiation. |
308 | Represents an auth proposal. | Represents an auth proposal. |
309 | The locale-independent name for the group that this set belongs to. | The locale-independent name for the group that this set belongs to. |
310 | The localized name of this set. This field's value is based on the value of ElementName. Changes to this field are ignored. | The localized name of this set. This field's value is based on the value of ElementName. Changes to this field are ignored. |
311 | The group that this set belongs to. This field is based on the value of RuleGroup and changes to this field are ignored. | The group that this set belongs to. This field is based on the value of RuleGroup and changes to this field are ignored. |
312 | The proposals within this set, in order of preference. | The proposals within this set, in order of preference. |
313 | A list of auth suites, in preferential order, to use when negotiating an SA. | A list of auth suites, in preferential order, to use when negotiating an SA. |
314 | A brief description of the set. May be an indirect string. If it is an indirect string, then it may not be overwritten. | A brief description of the set. May be an indirect string. If it is an indirect string, then it may not be overwritten. |
315 | The locale-independent name of the set. May be an indirect string. | The locale-independent name of the set. May be an indirect string. |
316 | Rename this set. | Rename this set. |
317 | The new name for the set. | The new name for the set. |
318 | Copy this set. | Copy this set. |
319 | The new ID for the set. | The new ID for the set. |
320 | The new policy store for the set. | The new policy store for the set. |
321 | The new GPOSession for the set. | The new GPOSession for the set. |
322 | A set of authentication proposals that can be used in Phase 2 of authentication. | A set of authentication proposals that can be used in Phase 2 of authentication. |
323 | The Phase 2 Authentication Set used by the rule. | The Phase 2 Authentication Set used by the rule. |
324 | Relates an IPsec rule to its Phase 2 Authentication Set. | Relates an IPsec rule to its Phase 2 Authentication Set. |
325 | The connection security rule. | The connection security rule. |
326 | Relates a connection security rule to its Phase 2 Authentication Set. | Relates a connection security rule to its Phase 2 Authentication Set. |
327 | The rule. | The rule. |
328 | The filters associated with the rule. | The filters associated with the rule. |
329 | Associates a policy rule to its filters. | Associates a policy rule to its filters. |
330 | The connection security rule being filtered. | The connection security rule being filtered. |
331 | Associates a connection security rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted. | Associates a connection security rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted. |
332 | The address filter applied to the rule. | The address filter applied to the rule. |
333 | Interfaces that the traffic applies to. They may be specified by LUID or by Alias. | Interfaces that the traffic applies to. They may be specified by LUID or by Alias. |
334 | Filters traffic based on what interface it is sent or received on. | Filters traffic based on what interface it is sent or received on. |
335 | The interface filter applied to the rule. | The interface filter applied to the rule. |
336 | Specifies what types of interface to filter on. | Specifies what types of interface to filter on. |
337 | Local area network | Local area network |
338 | Remote access | Remote access |
339 | Wireless | Wireless |
340 | Filters traffic based on the type of interface it is sent or received on. | Filters traffic based on the type of interface it is sent or received on. |
341 | The interface type filter applied to the rule. | The interface type filter applied to the rule. |
342 | IP Protocol Number that this filter applies to. May be 0-255 or one of the following: ICMPv4, ICMPv6, TCP, UDP. | IP Protocol Number that this filter applies to. May be 0-255 or one of the following: ICMPv4, ICMPv6, TCP, UDP. |
343 | Applies only when Protocol is TCP or UDP. Remote ports this filter applies to. May be a number or range 0-65535, or one of the following: Any, IPHTTPSOut. | Applies only when Protocol is TCP or UDP. Remote ports this filter applies to. May be a number or range 0-65535, or one of the following: Any, IPHTTPSOut. |
344 | Applies only when Protocol is TCP or UDP. Local ports this filter applies to. May be a number or range 0-65535, or one of the following: Any, RPC, RPC-EPMap, IPHTTPSIn, PlayToDiscovery. | Applies only when Protocol is TCP or UDP. Local ports this filter applies to. May be a number or range 0-65535, or one of the following: Any, RPC, RPC-EPMap, IPHTTPSIn, PlayToDiscovery. |
345 | Applies only when Protocol is ICMPv4 or ICMPv6. ICMP Type/Code pairs this filter applies to. May be an ICMP type (0-255), or an ICMP type/code pair in the format Type.Code, where type and code values are numbers from 0 to 255. | Applies only when Protocol is ICMPv4 or ICMPv6. ICMP Type/Code pairs this filter applies to. May be an ICMP type (0-255), or an ICMP type/code pair in the format Type.Code, where type and code values are numbers from 0 to 255. |
346 | Allows filtering traffic to/from endpoints by certain kinds of virtual transports, rather than traditional tuples of addresses, protocols, and ports. | Allows filtering traffic to/from endpoints by certain kinds of virtual transports, rather than traditional tuples of addresses, protocols, and ports. |
347 | ProximityApps | ProximityApps |
348 | ProximitySharing | ProximitySharing |
349 | WifiDirectPrinting | WifiDirectPrinting |
350 | WifiDirectDisplay | WifiDirectDisplay |
351 | WifiDirectDevices | WifiDirectDevices |
352 | Filters traffic based on its protocol and port. | Filters traffic based on its protocol and port. |
353 | The protocol/port filter applied to the rule. | The protocol/port filter applied to the rule. |
354 | A PolicySet that aggregates other PolicySet instances. | A PolicySet that aggregates other PolicySet instances. |
355 | A PolicySet aggregated into a PolicySet. | A PolicySet aggregated into a PolicySet. |
356 | A non-negative integer for prioritizing this PolicySet component relative to other elements of the same PolicySet. A larger value indicates a higher priority. The Priority property MUST have a unique value when compared with others defined for the same aggregating PolicySet. | A non-negative integer for prioritizing this PolicySet component relative to other elements of the same PolicySet. A larger value indicates a higher priority. The Priority property MUST have a unique value when compared with others defined for the same aggregating PolicySet. |
357 | PolicySetComponent is a concrete aggregation that collects instances of the subclasses of PolicySet (i.e., PolicyGroups and PolicyRules). Instances are collected in sets that use the same decision strategy. They are prioritized relative to each other, within the set, using the Priority property of this aggregation. Together, the PolicySet.PolicyDecisionStrategy and PolicySet Component.Priority properties determine the processing for the groups and rules contained in a PolicySet. A larger priority value represents a higher priority. Note that the Priority property MUST have a unique value when compared with others defined for the same aggregating PolicySet. Thus, the evaluation of rules within a set is deterministically specified. |
PolicySetComponent is a concrete aggregation that collects instances of the subclasses of PolicySet (i.e., PolicyGroups and PolicyRules). Instances are collected in sets that use the same decision strategy. They are prioritized relative to each other, within the set, using the Priority property of this aggregation. Together, the PolicySet.PolicyDecisionStrategy and PolicySet Component.Priority properties determine the processing for the groups and rules contained in a PolicySet. A larger priority value represents a higher priority. Note that the Priority property MUST have a unique value when compared with others defined for the same aggregating PolicySet. Thus, the evaluation of rules within a set is deterministically specified. |
358 | The name of the profile. | The name of the profile. |
359 | Whether the firewall is enabled on this profile. | Whether the firewall is enabled on this profile. |
360 | The default action for Inbound traffic. | The default action for Inbound traffic. |
361 | The default action for outbound traffic. | The default action for outbound traffic. |
362 | If this is true, administrators will be able to create firewall rules which allow unsolicited inbound traffic to be accepted. If this is false, such rules will be ignored. | If this is true, administrators will be able to create firewall rules which allow unsolicited inbound traffic to be accepted. If this is false, such rules will be ignored. |
363 | Determines whether local firewall rules should be merged into the effective policy along with Group Policy settings. | Determines whether local firewall rules should be merged into the effective policy along with Group Policy settings. |
364 | Determines whether local IPsec rules should be merged into the effective policy along with rules from Group Policy. | Determines whether local IPsec rules should be merged into the effective policy along with rules from Group Policy. |
365 | Whether to respect user allowed applications created in the legacy Windows XP firewall. | Whether to respect user allowed applications created in the legacy Windows XP firewall. |
366 | Whether to respect globally opened ports created in the legacy Windows XP firewall. | Whether to respect globally opened ports created in the legacy Windows XP firewall. |
367 | Whether to allow unicast responses to multicast traffic. | Whether to allow unicast responses to multicast traffic. |
368 | If true, users will be notified when an application listens on a port that is closed. | If true, users will be notified when an application listens on a port that is closed. |
369 | The filename in which to store the firewall log. | The filename in which to store the firewall log. |
370 | Maximum size the log file can reach before being rotated. May be a uint32 value, or MAXUINT64 for Not Configured. | Maximum size the log file can reach before being rotated. May be a uint32 value, or MAXUINT64 for Not Configured. |
371 | Whether to log allowed packets. | Whether to log allowed packets. |
372 | Whether to log blocked traffic. | Whether to log blocked traffic. |
373 | Whether to log an event when rules are ignored. | Whether to log an event when rules are ignored. |
374 | Interfaces that the firewall profile is disabled on. | Interfaces that the firewall profile is disabled on. |
375 | Whether to use Stealth Mode for IPsec-protected traffic. | Whether to use Stealth Mode for IPsec-protected traffic. |
376 | Represents a particular firewall profile. Multiple profiles may be in effect on any interface at any given time. | Represents a particular firewall profile. Multiple profiles may be in effect on any interface at any given time. |
377 | The firewall profile. | The firewall profile. |
378 | The policy rule within the profile. | The policy rule within the profile. |
379 | Indicates that a rule applies to a particular firewall profile. | Indicates that a rule applies to a particular firewall profile. |
380 | A set of authentication proposals used in Phase 1 of authentication. | A set of authentication proposals used in Phase 1 of authentication. |
381 | The Phase 1 Authentication Set used by the rule. | The Phase 1 Authentication Set used by the rule. |
382 | Relates an IPsec rule to its Phase 1 Authentication Set. | Relates an IPsec rule to its Phase 1 Authentication Set. |
383 | Represents a suite of crypto algorithms to propose. | Represents a suite of crypto algorithms to propose. |
384 | A list of crypto suites, in preferential order, to use when negotiating an SA. | A list of crypto suites, in preferential order, to use when negotiating an SA. |
385 | Diffie-Hellman Group to use with PFS | Diffie-Hellman Group to use with PFS |
386 | DH Group 1 | DH Group 1 |
387 | DH Group 2 | DH Group 2 |
388 | DH Group 14 | DH Group 14 |
389 | DH Group 19 | DH Group 19 |
390 | DH Group 20 | DH Group 20 |
391 | DH Group 24 | DH Group 24 |
392 | Specifies parameters for the quick mode negotiation as well as dictating the crypto sets that should be proposed during the exchange. | Specifies parameters for the quick mode negotiation as well as dictating the crypto sets that should be proposed during the exchange. |
393 | The Quick Mode crypto set used by this rule. | The Quick Mode crypto set used by this rule. |
394 | Relates an IPsec rule to its Quick Mode crypto set. | Relates an IPsec rule to its Quick Mode crypto set. |
395 | Relates a connection security rule to its Quick Mode Crypto Set. | Relates a connection security rule to its Quick Mode Crypto Set. |
396 | Whether to group UDP packets into conversations based upon the local address, local port, and remote port. Applies only to UDP. | Whether to group UDP packets into conversations based upon the local address, local port, and remote port. Applies only to UDP. |
397 | Whether to group UDP packets into conversations based only upon the local address and port. Applies only to UDP. | Whether to group UDP packets into conversations based only upon the local address and port. Applies only to UDP. |
398 | Specifies how this firewall rule will handle edge traversal cases. | Specifies how this firewall rule will handle edge traversal cases. |
399 | Block | Block |
400 | Allow | Allow |
401 | Defer to User | Defer to User |
402 | Defer to App | Defer to App |
403 | Specifies which direction of traffic to match with this rule. | Specifies which direction of traffic to match with this rule. |
404 | Inbound | Inbound |
405 | Outbound | Outbound |
406 | Specifies the action to take on traffic that matches this rule. | Specifies the action to take on traffic that matches this rule. |
407 | AllowBypass | AllowBypass |
408 | The owner of the firewall rule, as a SID. | The owner of the firewall rule, as a SID. |
409 | Desc | Desc |
410 | Represents a Windows firewall rule. | Represents a Windows firewall rule. |
411 | The firewall rule. | The firewall rule. |
412 | Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted. | Associates a firewall rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted. |
413 | Associates a FirewallRule to its AddressFilter. | Associates a FirewallRule to its AddressFilter. |
414 | The application filter applied to the rule. | The application filter applied to the rule. |
415 | Whether to require Authentication. NoEncapsulation means that authentication is still required, but only once at the beginning of the traffic flow, instead of on every packet. | Whether to require Authentication. NoEncapsulation means that authentication is still required, but only once at the beginning of the traffic flow, instead of on every packet. |
416 | NotRequired | NotRequired |
417 | Required | Required |
418 | NoEncapsulation | NoEncapsulation |
419 | Whether to require Encryption. Dynamic encryption means that the first packet may be protected but not encrypted. | Whether to require Encryption. Dynamic encryption means that the first packet may be protected but not encrypted. |
420 | Dynamic | Dynamic |
421 | Whether to allow this rule to take precedence over Block rules. This setting may only be applied on Allow rules that require Authentication with specific RemoteUsers and/or RemoteMachines. | Whether to allow this rule to take precedence over Block rules. This setting may only be applied on Allow rules that require Authentication with specific RemoteUsers and/or RemoteMachines. |
422 | SDDL string describing Local Users that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required). | SDDL string describing Local Users that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required). |
423 | SDDL string describing Remote Users that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required). | SDDL string describing Remote Users that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required). |
424 | SDDL string describing Remote Machines that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required). | SDDL string describing Remote Machines that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required). |
425 | Filters traffic based on certain high-level security constraints, like whether or not the traffic is encrypted. Connection Security rules will have to be created in order for traffic to pass the rule. | Filters traffic based on certain high-level security constraints, like whether or not the traffic is encrypted. Connection Security rules will have to be created in order for traffic to pass the rule. |
426 | The security filter applied to the rule. | The security filter applied to the rule. |
427 | The short name of the service to be filtered. | The short name of the service to be filtered. |
428 | Filters traffic based on which Windows service it is sent or received by. | Filters traffic based on which Windows service it is sent or received by. |
429 | The service filter applied to the rule. | The service filter applied to the rule. |
430 | Associates a firewall rule with a profile that it is in. | Associates a firewall rule with a profile that it is in. |
431 | Specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod. | Specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod. |
432 | Anonymous | Anonymous |
433 | Kerberos (machine as principal) | Kerberos (machine as principal) |
434 | NTLM (machine as principal) | NTLM (machine as principal) |
435 | Kerberos (user as principal) | Kerberos (user as principal) |
436 | NTLM (user as principal) | NTLM (user as principal) |
437 | X.509 Certificates (machine as principal) | X.509 Certificates (machine as principal) |
438 | X.509 Certificates (user as principal) | X.509 Certificates (user as principal) |
439 | X.509 Certificates (machine health) | X.509 Certificates (machine health) |
440 | Represents an auth proposal. Instances of this class only exist as embedded instances within a MSFT_NetIKEP1AuthSet and MSFT_NetIKEP2AuthSet. | Represents an auth proposal. Instances of this class only exist as embedded instances within a MSFT_NetIKEP1AuthSet and MSFT_NetIKEP2AuthSet. |
441 | Only certs issued by this CA should be allowed. | Only certs issued by this CA should be allowed. |
442 | Indicates whether to accept certificates only from the root TrustedCA, or to also accept certificates from Intermediate CA's which are children of the TrustedCA. | Indicates whether to accept certificates only from the root TrustedCA, or to also accept certificates from Intermediate CA's which are children of the TrustedCA. |
443 | Root CA | Root CA |
444 | Intermediate CA | Intermediate CA |
445 | If this flag is set, certificate authority names are excluded. This flag MUST be set only on first authentications. | If this flag is set, certificate authority names are excluded. This flag MUST be set only on first authentications. |
446 | If this flag is set, Windows will attempt to map certificates to domain accounts. | If this flag is set, Windows will attempt to map certificates to domain accounts. |
447 | Specifies the certificate signing algorithm to use. | Specifies the certificate signing algorithm to use. |
448 | RSA | RSA |
449 | 256-bit Elliptic-Curve DSA | 256-bit Elliptic-Curve DSA |
450 | 384-bit Elliptic-Curve DSA | 384-bit Elliptic-Curve DSA |
451 | The name that should be on the certificate. | The name that should be on the certificate. |
452 | The type of name used in CertName. | The type of name used in CertName. |
453 | None | None |
454 | DNS | DNS |
455 | UPN | UPN |
456 | RFC822 | RFC822 |
457 | CN | CN |
458 | OU | OU |
459 | O | O |
460 | DC | DC |
461 | The EKU's to accept. | The EKU's to accept. |
462 | The thumbprint to accept. | The thumbprint to accept. |
463 | Whether to follow certificate renewal. | Whether to follow certificate renewal. |
464 | Whether the cert criteria (CertName, EKUs, Thumbprint) should be used when choosing which certificates to offer. | Whether the cert criteria (CertName, EKUs, Thumbprint) should be used when choosing which certificates to offer. |
465 | Whether the cert criteria (CertName, EKUs, Thumbprint) should be used for validating the certificates presented. | Whether the cert criteria (CertName, EKUs, Thumbprint) should be used for validating the certificates presented. |
466 | Represents an auth proposal that uses certificates to authenticate the remote peer. Instances of this class only exist as embedded instances within a MSFT_NetIKEP1AuthSet and MSFT_NetIKEP2AuthSet. | Represents an auth proposal that uses certificates to authenticate the remote peer. Instances of this class only exist as embedded instances within a MSFT_NetIKEP1AuthSet and MSFT_NetIKEP2AuthSet. |
467 | The Kerberos proxy server to use when authenticating remotely. | The Kerberos proxy server to use when authenticating remotely. |
468 | Represents an auth proposal for Kerberos. | Represents an auth proposal for Kerberos. |
469 | Require use of Diffie-Hellman for enhanced security. | Require use of Diffie-Hellman for enhanced security. |
470 | The maximum number of QM SA's that may be established using this MMSA before it must be re-established. | The maximum number of QM SA's that may be established using this MMSA before it must be re-established. |
471 | The maximum amount of time that can elapse before this MMSA must be re-established. | The maximum amount of time that can elapse before this MMSA must be re-established. |
472 | For a Main Mode or Connection Security rule, sets parameters for the main mode negotiation and describes the crypto proposals that should be negotiated. | For a Main Mode or Connection Security rule, sets parameters for the main mode negotiation and describes the crypto proposals that should be negotiated. |
473 | Specifies the proposed encryption algorithm. | Specifies the proposed encryption algorithm. |
474 | AES-128 | AES-128 |
475 | AES-192 | AES-192 |
476 | AES-256 | AES-256 |
477 | AES-GCM-128 | AES-GCM-128 |
478 | AES-GCM-192 | AES-GCM-192 |
479 | AES-GCM-256 | AES-GCM-256 |
480 | Specifies the proposed hash algorithm. | Specifies the proposed hash algorithm. |
481 | SHA-256 | SHA-256 |
482 | SHA-384 | SHA-384 |
483 | AES-GMAC-128 | AES-GMAC-128 |
484 | AES-GMAC-192 | AES-GMAC-192 |
485 | AES-GMAC-256 | AES-GMAC-256 |
486 | The property GroupId specifies the proposed phase 1 security association key exchange group. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve Group with 155 bit field element', Group 4= 'Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'. Note that only groups 1, 2, 14, 19, 20, and 24 are acceptable in Windows 8. | The property GroupId specifies the proposed phase 1 security association key exchange group. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve Group with 155 bit field element', Group 4= 'Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'. Note that only groups 1, 2, 14, 19, 20, and 24 are acceptable in Windows 8. |
487 | Represents a crypto suite to propose in main mode. | Represents a crypto suite to propose in main mode. |
488 | The key to use in the authentication. | The key to use in the authentication. |
489 | A Pre-shared Key authentication proposal. | A Pre-shared Key authentication proposal. |
490 | The maximum lifetime for a Quick-Mode SA before it must be rekeyed, in kilobytes. | The maximum lifetime for a Quick-Mode SA before it must be rekeyed, in kilobytes. |
491 | Hash algorithm to use in AH. | Hash algorithm to use in AH. |
492 | Hash algorithm to use in ESP. | Hash algorithm to use in ESP. |
493 | What type of encapsulation to use. | What type of encapsulation to use. |
494 | AH | AH |
495 | ESP | ESP |
496 | AH/ESP | AH/ESP |
497 | The maximum lifetime for a Quick-Mode SA before it must be rekeyed, in minutes. | The maximum lifetime for a Quick-Mode SA before it must be rekeyed, in minutes. |
498 | Represents a crypto suite to propose in quick mode. | Represents a crypto suite to propose in quick mode. |
499 | Superclass SettingData for networking | Superclass SettingData for networking |
500 | State entry idle timeout in seconds. Value must be 0 | State entry idle timeout in seconds. Value must be 0 |
501 | Per internal IP address rate limit queue idle timeout in seconds. Value must be 0 | Per internal IP address rate limit queue idle timeout in seconds. Value must be 0 |
502 | DSCP (RFC 2474) marking for unauthenticated inbound IPv6 IPsec traffic. Value must be | DSCP (RFC 2474) marking for unauthenticated inbound IPv6 IPsec traffic. Value must be |
503 | Per internal IP address rate limit for unauthenticated inbound IPv6 IPsec traffic. | Per internal IP address rate limit for unauthenticated inbound IPv6 IPsec traffic. |
504 | DSCP (RFC 2474) marking for authenticated inbound IPv6 IPsec traffic. Value must be | DSCP (RFC 2474) marking for authenticated inbound IPv6 IPsec traffic. Value must be |
505 | Rate limit for authenticated inbound IPv6 IPsec traffic. | Rate limit for authenticated inbound IPv6 IPsec traffic. |
506 | DSCP (RFC 2474) marking for inbound ICMPv6 traffic. Value must be | DSCP (RFC 2474) marking for inbound ICMPv6 traffic. Value must be |
507 | Rate limit for inbound ICMPv6 traffic. | Rate limit for inbound ICMPv6 traffic. |
508 | DSCP (RFC 2474) marking for inbound IPv6 filter exempted traffic. Value must be | DSCP (RFC 2474) marking for inbound IPv6 filter exempted traffic. Value must be |
509 | Rate limit for inbound IPv6 filter exempted traffic. | Rate limit for inbound IPv6 filter exempted traffic. |
510 | DSCP (RFC 2474) marking for inbound default-block exempted traffic. Value must be | DSCP (RFC 2474) marking for inbound default-block exempted traffic. Value must be |
511 | Rate limit for inbound default-block exempted traffic. | Rate limit for inbound default-block exempted traffic. |
512 | Maximum number of state entries in the table. Value must be 0. | Maximum number of state entries in the table. Value must be 0. |
513 | Maximum number of per internal IP address rate limit queues for inbound unauthenticated IPv6 IPsec traffic. Value must be 0. | Maximum number of per internal IP address rate limit queues for inbound unauthenticated IPv6 IPsec traffic. Value must be 0. |
514 | Enabled keying modules | Enabled keying modules |
515 | IkeV1 | IkeV1 |
516 | IkeV2 | IkeV2 |
517 | AuthIp | AuthIp |
518 | Filtering flags | Filtering flags |
519 | DisableDefaultBlock | DisableDefaultBlock |
520 | FilterBlock | FilterBlock |
521 | FilterExempt | FilterExempt |
522 | Public network interfaces | Public network interfaces |
523 | Private network interfaces | Private network interfaces |
524 | Optional public IPv6 address or subnet, for which this policy is specified. | Optional public IPv6 address or subnet, for which this policy is specified. |
525 | Optional private IPv6 address or subnet, for which this policy is specified. | Optional private IPv6 address or subnet, for which this policy is specified. |
526 | Address family(ies) currently protected | Address family(ies) currently protected |
527 | Denial of Service Prevention Settings for IPsec. | Denial of Service Prevention Settings for IPsec. |
528 | Whether to enable stateful FTP. | Whether to enable stateful FTP. |
529 | False | False |
530 | True | True |
531 | NotConfigured | NotConfigured |
532 | Whether to enable stateful PPTP. | Whether to enable stateful PPTP. |
533 | Current profile. This is only valid in the ActiveStore. | Current profile. This is only valid in the ActiveStore. |
534 | Not Applicable | Not Applicable |
535 | Specifies which kinds of certificate problems should cause a certificate to be rejected. | Specifies which kinds of certificate problems should cause a certificate to be rejected. |
536 | Attempt CRL Check | Attempt CRL Check |
537 | Require CRL Check | Require CRL Check |
538 | The maximum length of time, in seconds, that an SA may be idle before it will be torn down. 0 means Not Configured. | The maximum length of time, in seconds, that an SA may be idle before it will be torn down. 0 means Not Configured. |
539 | When IPsec is in use, extra work is required to enable NAT traversal. This setting indicates on which side NAT traversal should be attempted. | When IPsec is in use, extra work is required to enable NAT traversal. This setting indicates on which side NAT traversal should be attempted. |
540 | Server | Server |
541 | Both | Both |
542 | How to encode Pre-Shared Keys. | How to encode Pre-Shared Keys. |
543 | UTF-16 | UTF-16 |
544 | UTF-8 | UTF-8 |
545 | Traffic exemptions | Traffic exemptions |
546 | NeighborDiscovery | NeighborDiscovery |
547 | Icmp | Icmp |
548 | RouterDiscovery | RouterDiscovery |
549 | Dhcp | Dhcp |
550 | Opportunistically match full auth set per key module | Opportunistically match full auth set per key module |
551 | SDDL for remote machine tunnel SA authorization | SDDL for remote machine tunnel SA authorization |
552 | SDDL for remote user tunnel SA authorization | SDDL for remote user tunnel SA authorization |
553 | SDDL for remote machine transport SA authorization | SDDL for remote machine transport SA authorization |
554 | SDDL for remote user transport SA authorization | SDDL for remote user transport SA authorization |
555 | Toggle IPSec queuing of packets for RSS-like functionality | Toggle IPSec queuing of packets for RSS-like functionality |
556 | Receive | Receive |
557 | Forward | Forward |
558 | Global settings for IPsec. | Global settings for IPsec. |
559 | The InstanceID of the CryptoSet to use for Main Mode. | The InstanceID of the CryptoSet to use for Main Mode. |
560 | The InstanceID of the CryptoSet to use for Quick Mode. | The InstanceID of the CryptoSet to use for Quick Mode. |
561 | The InstanceID of the AuthSet to use for Phase 1 auth. | The InstanceID of the AuthSet to use for Phase 1 auth. |
562 | The InstanceID of the AuthSet to use for Phase 2 auth. | The InstanceID of the AuthSet to use for Phase 2 auth. |
563 | A rule that alters the behavior of main-mode authentications. | A rule that alters the behavior of main-mode authentications. |
564 | The main mode rule being filtered. | The main mode rule being filtered. |
565 | Associates a main mode rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted. | Associates a main mode rule with its filters. Instances of this class can be traversed and the values in the associated filters can be modified, but instances of this class may not be created or deleted. |
566 | The main mode rule. | The main mode rule. |
567 | Relates a main mode rule to its Phase 1 Authentication Set. | Relates a main mode rule to its Phase 1 Authentication Set. |
568 | The Main Mode crypto set used in this rule. | The Main Mode crypto set used in this rule. |
569 | Relates an IPsec rule to its Main Mode crypto set. | Relates an IPsec rule to its Main Mode crypto set. |
570 | The main mode crypto set used in this rule. | The main mode crypto set used in this rule. |
571 | Relates a main mode rule to its Main Mode Crypto Set. | Relates a main mode rule to its Main Mode Crypto Set. |
572 | ImpersonationType | ImpersonationType |
573 | Impersonated | Impersonated |
574 | Authentication method used by this identity | Authentication method used by this identity |
575 | Preshared key | Preshared key |
576 | Certificate | Certificate |
577 | Kerberos | Kerberos |
578 | SSL | SSL |
579 | NTLMV2 | NTLMV2 |
580 | CGA | CGA |
581 | CertificateEcdsa256 | CertificateEcdsa256 |
582 | CertificateEcdsa384 | CertificateEcdsa384 |
583 | SSLEcdsa256 | SSLEcdsa256 |
584 | SSLEcdsa384 | SSLEcdsa384 |
585 | EAP | EAP |
586 | Identity flags | Identity flags |
587 | HealthCertificate | HealthCertificate |
588 | Identity | Identity |
589 | An identity used by IPsec | An identity used by IPsec |
590 | A free-form string that represents the status of the job. The primary status is reflected in the inherited OperationalStatus property. JobStatus provides additional, implementation-specific details. | A free-form string that represents the status of the job. The primary status is reflected in the inherited OperationalStatus property. JobStatus provides additional, implementation-specific details. |
591 | The time that the Job was submitted to execute. A value of all zeroes indicates that the owning element is not capable of reporting a date and time. Therefore, the ScheduledStartTime and StartTime are reported as intervals relative to the time their values are requested. | The time that the Job was submitted to execute. A value of all zeroes indicates that the owning element is not capable of reporting a date and time. Therefore, the ScheduledStartTime and StartTime are reported as intervals relative to the time their values are requested. |
592 | The time that the current Job is scheduled to start. This time can be represented by the actual date and time, or an interval relative to the time that this property is requested. A value of all zeroes indicates that the Job is already executing. The property is deprecated in lieu of the more expressive scheduling properties, RunMonth, RunDay, RunDayOfWeek, and RunStartInterval. | The time that the current Job is scheduled to start. This time can be represented by the actual date and time, or an interval relative to the time that this property is requested. A value of all zeroes indicates that the Job is already executing. The property is deprecated in lieu of the more expressive scheduling properties, RunMonth, RunDay, RunDayOfWeek, and RunStartInterval. |
593 | The time that the Job was actually started. This time can be represented by an actual date and time, or by an interval relative to the time that this property is requested. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run time can be stored in this single-valued property. | The time that the Job was actually started. This time can be represented by an actual date and time, or by an interval relative to the time that this property is requested. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run time can be stored in this single-valued property. |
594 | The time interval that the Job has been executing or the total execution time if the Job is complete. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run time can be stored in this single-valued property. | The time interval that the Job has been executing or the total execution time if the Job is complete. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run time can be stored in this single-valued property. |
595 | The number of times that the Job should be run. A value of 1 indicates that the Job is not recurring, while any non-zero value indicates a limit to the number of times that the Job will recur. Zero indicates that there is no limit to the number of times that the Job can be processed, but that it is terminated either after the UntilTime or by manual intervention. By default, a Job is processed once. | The number of times that the Job should be run. A value of 1 indicates that the Job is not recurring, while any non-zero value indicates a limit to the number of times that the Job will recur. Zero indicates that there is no limit to the number of times that the Job can be processed, but that it is terminated either after the UntilTime or by manual intervention. By default, a Job is processed once. |
596 | The month during which the Job should be processed. Specify 0 for January, 1 for February, and so on. | The month during which the Job should be processed. Specify 0 for January, 1 for February, and so on. |
597 | January | January |
598 | February | February |
599 | March | March |
600 | April | April |
601 | May | May |
602 | June | June |
603 | July | July |
604 | August | August |
605 | September | September |
606 | October | October |
607 | November | November |
608 | December | December |
609 | The day in the month on which the Job should be processed. There are two different interpretations for this property, depending on the value of DayOfWeek. In one case, RunDay defines the day-in-month on which the Job is processed. This interpretation is used when the DayOfWeek is 0. A positive or negative integer indicates whether the RunDay should be calculated from the beginning or end of the month. For example, 5 indicates the fifth day in the RunMonth and -1 indicates the last day in the RunMonth. When RunDayOfWeek is not 0, RunDay is the day-in-month on which the Job is processed, defined in conjunction with RunDayOfWeek. For example, if RunDay is 15 and RunDayOfWeek is Saturday, then the Job is processed on the first Saturday on or after the 15th day in the RunMonth (for example, the third Saturday in the month). If RunDay is 20 and RunDayOfWeek is -Saturday, then this indicates the first Saturday on or before the 20th day in the RunMonth. If RunDay is -1 and RunDayOfWeek is -Sunday, then this indicates the last Sunday in the RunMonth. |
The day in the month on which the Job should be processed. There are two different interpretations for this property, depending on the value of DayOfWeek. In one case, RunDay defines the day-in-month on which the Job is processed. This interpretation is used when the DayOfWeek is 0. A positive or negative integer indicates whether the RunDay should be calculated from the beginning or end of the month. For example, 5 indicates the fifth day in the RunMonth and -1 indicates the last day in the RunMonth. When RunDayOfWeek is not 0, RunDay is the day-in-month on which the Job is processed, defined in conjunction with RunDayOfWeek. For example, if RunDay is 15 and RunDayOfWeek is Saturday, then the Job is processed on the first Saturday on or after the 15th day in the RunMonth (for example, the third Saturday in the month). If RunDay is 20 and RunDayOfWeek is -Saturday, then this indicates the first Saturday on or before the 20th day in the RunMonth. If RunDay is -1 and RunDayOfWeek is -Sunday, then this indicates the last Sunday in the RunMonth. |
610 | A positive or negative integer used in conjunction with RunDay to indicate the day of the week on which the Job is processed. RunDayOfWeek is set to 0 to indicate an exact day of the month, such as March 1. A positive integer (representing Sunday, Monday, ..., Saturday) means that the day of week is found on or after the specified RunDay. A negative integer (representing -Sunday, -Monday, ..., -Saturday) means that the day of week is found on or BEFORE the RunDay. | A positive or negative integer used in conjunction with RunDay to indicate the day of the week on which the Job is processed. RunDayOfWeek is set to 0 to indicate an exact day of the month, such as March 1. A positive integer (representing Sunday, Monday, ..., Saturday) means that the day of week is found on or after the specified RunDay. A negative integer (representing -Sunday, -Monday, ..., -Saturday) means that the day of week is found on or BEFORE the RunDay. |
611 | -Saturday | -Saturday |
612 | -Friday | -Friday |
613 | -Thursday | -Thursday |
614 | -Wednesday | -Wednesday |
615 | -Tuesday | -Tuesday |
616 | -Monday | -Monday |
617 | -Sunday | -Sunday |
618 | ExactDayOfMonth | ExactDayOfMonth |
619 | Sunday | Sunday |
620 | Monday | Monday |
621 | Tuesday | Tuesday |
622 | Wednesday | Wednesday |
623 | Thursday | Thursday |
624 | Friday | Friday |
625 | Saturday | Saturday |
626 | The time interval after midnight when the Job should be processed. For example, 00000000020000.000000:000 indicates that the Job should be run on or after two o\'clock, local time or UTC time (distinguished using the LocalOrUtcTime property. |
The time interval after midnight when the Job should be processed. For example, 00000000020000.000000:000 indicates that the Job should be run on or after two o\'clock, local time or UTC time (distinguished using the LocalOrUtcTime property. |
627 | This property indicates whether the times represented in the RunStartInterval and UntilTime properties represent local times or UTC times. Time values are synchronized worldwide by using the enumeration value 2, "UTC Time". | This property indicates whether the times represented in the RunStartInterval and UntilTime properties represent local times or UTC times. Time values are synchronized worldwide by using the enumeration value 2, "UTC Time". |
628 | Local Time | Local Time |
629 | UTC Time | UTC Time |
630 | The time after which the Job is invalid or should be stopped. This time can be represented by an actual date and time, or by an interval relative to the time that this property is requested. A value of all nines indicates that the Job can run indefinitely. | The time after which the Job is invalid or should be stopped. This time can be represented by an actual date and time, or by an interval relative to the time that this property is requested. A value of all nines indicates that the Job can run indefinitely. |
631 | The User who is to be notified upon the Job completion or failure. | The User who is to be notified upon the Job completion or failure. |
632 | The User that submitted the Job, or the Service or method name that caused the job to be created. | The User that submitted the Job, or the Service or method name that caused the job to be created. |
633 | Indicates the urgency or importance of execution of the Job. The lower the number, the higher the priority. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the setting information that would influence the results of a job. | Indicates the urgency or importance of execution of the Job. The lower the number, the higher the priority. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the setting information that would influence the results of a job. |
634 | The percentage of the job that has completed at the time that this value is requested. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run data can be stored in this single-valued property. Note that the value 101 is undefined and will be not be allowed in the next major revision of the specification. |
The percentage of the job that has completed at the time that this value is requested. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run data can be stored in this single-valued property. Note that the value 101 is undefined and will be not be allowed in the next major revision of the specification. |
635 | Percent | Percent |
636 | Indicates whether or not the job should be automatically deleted upon completion. Note that the \'completion\' of a recurring job is defined by its JobRunTimes or UntilTime properties, or when the Job is terminated by manual intervention. If this property is set to false and the job completes, then the extrinsic method DeleteInstance must be used to delete the job instead of updating this property. | Indicates whether or not the job should be automatically deleted upon completion. Note that the \'completion\' of a recurring job is defined by its JobRunTimes or UntilTime properties, or when the Job is terminated by manual intervention. If this property is set to false and the job completes, then the extrinsic method DeleteInstance must be used to delete the job instead of updating this property. |
637 | A vendor-specific error code. The value must be set to zero if the Job completed without error. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run error can be stored in this single-valued property. | A vendor-specific error code. The value must be set to zero if the Job completed without error. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run error can be stored in this single-valued property. |
638 | A free-form string that contains the vendor error description. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run error can be stored in this single-valued property. | A free-form string that contains the vendor error description. Note that this property is also present in the JobProcessingStatistics class. This class is necessary to capture the processing information for recurring Jobs, because only the \'last\' run error can be stored in this single-valued property. |
639 | Describes the recovery action to be taken for an unsuccessfully run Job. The possible values are: 0 = "Unknown", meaning it is unknown as to what recovery action to take 1 = "Other", indicating that the recovery action will be specified in the OtherRecoveryAction property 2 = "Do Not Continue", meaning stop the execution of the job and appropriately update its status 3 = "Continue With Next Job", meaning continue with the next job in the queue 4 = "Re-run Job", indicating that the job should be re-run 5 = "Run Recovery Job", meaning run the Job associated using the RecoveryJob relationship. Note that the recovery Job must already be in the queue from which it will run. |
Describes the recovery action to be taken for an unsuccessfully run Job. The possible values are: 0 = "Unknown", meaning it is unknown as to what recovery action to take 1 = "Other", indicating that the recovery action will be specified in the OtherRecoveryAction property 2 = "Do Not Continue", meaning stop the execution of the job and appropriately update its status 3 = "Continue With Next Job", meaning continue with the next job in the queue 4 = "Re-run Job", indicating that the job should be re-run 5 = "Run Recovery Job", meaning run the Job associated using the RecoveryJob relationship. Note that the recovery Job must already be in the queue from which it will run. |
640 | Do Not Continue | Do Not Continue |
641 | Continue With Next Job | Continue With Next Job |
642 | Re-run Job | Re-run Job |
643 | Run Recovery Job | Run Recovery Job |
644 | A string describing the recovery action when the RecoveryAction property of the instance is 1 ("Other"). | A string describing the recovery action when the RecoveryAction property of the instance is 1 ("Other"). |
645 | KillJob is being deprecated because there is no distinction made between an orderly shutdown and an immediate kill. CIM_ConcreteJob.RequestStateChange() provides \'Terminate\' and \'Kill\' options to allow this distinction. A method to kill this job and any underlying processes, and to remove any \'dangling\' associations. |
KillJob is being deprecated because there is no distinction made between an orderly shutdown and an immediate kill. CIM_ConcreteJob.RequestStateChange() provides \'Terminate\' and \'Kill\' options to allow this distinction. A method to kill this job and any underlying processes, and to remove any \'dangling\' associations. |
646 | Success | Success |
647 | Not Supported | Not Supported |
648 | Timeout | Timeout |
649 | Failed | Failed |
650 | Access Denied | Access Denied |
651 | Not Found | Not Found |
652 | Vendor Specific | Vendor Specific |
653 | Indicates whether or not the Job should be automatically deleted upon termination. This parameter takes precedence over the property, DeleteOnCompletion. | Indicates whether or not the Job should be automatically deleted upon termination. This parameter takes precedence over the property, DeleteOnCompletion. |
654 | A Job is a LogicalElement that represents an executing unit of work, such as a script or a print job. A Job is distinct from a Process in that a Job can be scheduled or queued, and its execution is not limited to a single system. | A Job is a LogicalElement that represents an executing unit of work, such as a script or a print job. A Job is distinct from a Process in that a Job can be scheduled or queued, and its execution is not limited to a single system. |
655 | Primary classification of the error. The following values are defined: 2 - Communications Error. Errors of this type are principally associated with the procedures and/or processes required to convey information from one point to another. 3 - Quality of Service Error. Errors of this type are principally associated with failures that result in reduced functionality or performance. 4 - Software Error. Error of this type are principally associated with a software or processing fault. 5 - Hardware Error. Errors of this type are principally associated with an equipment or hardware failure. 6 - Environmental Error. Errors of this type are principally associated with a failure condition relating the to facility, or other environmental considerations. 7 - Security Error. Errors of this type are associated with security violations, detection of viruses, and similar issues. 8 - Oversubscription Error. Errors of this type are principally associated with the failure to allocate sufficient resources to complete the operation. 9 - Unavailable Resource Error. Errors of this type are principally associated with the failure to access a required resource. 10 -Unsupported Operation Error. Errors of this type are principally associated with requests that are not supported. |
Primary classification of the error. The following values are defined: 2 - Communications Error. Errors of this type are principally associated with the procedures and/or processes required to convey information from one point to another. 3 - Quality of Service Error. Errors of this type are principally associated with failures that result in reduced functionality or performance. 4 - Software Error. Error of this type are principally associated with a software or processing fault. 5 - Hardware Error. Errors of this type are principally associated with an equipment or hardware failure. 6 - Environmental Error. Errors of this type are principally associated with a failure condition relating the to facility, or other environmental considerations. 7 - Security Error. Errors of this type are associated with security violations, detection of viruses, and similar issues. 8 - Oversubscription Error. Errors of this type are principally associated with the failure to allocate sufficient resources to complete the operation. 9 - Unavailable Resource Error. Errors of this type are principally associated with the failure to access a required resource. 10 -Unsupported Operation Error. Errors of this type are principally associated with requests that are not supported. |
656 | Communications Error | Communications Error |
657 | Quality of Service Error | Quality of Service Error |
658 | Software Error | Software Error |
659 | Hardware Error | Hardware Error |
660 | Environmental Error | Environmental Error |
661 | Security Error | Security Error |
662 | Oversubscription Error | Oversubscription Error |
663 | Unavailable Resource Error | Unavailable Resource Error |
664 | Unsupported Operation Error | Unsupported Operation Error |
665 | A free-form string describing the ErrorType when 1, "Other", is specified as the ErrorType. | A free-form string describing the ErrorType when 1, "Other", is specified as the ErrorType. |
666 | A string that uniquely identifies the entity that owns the definition of the format of the Message described in this instance. OwningEntity MUST include a copyrighted, trademarked or otherwise unique name that is owned by the business entity or standards body defining the format. | A string that uniquely identifies the entity that owns the definition of the format of the Message described in this instance. OwningEntity MUST include a copyrighted, trademarked or otherwise unique name that is owned by the business entity or standards body defining the format. |
667 | An opaque string that uniquely identifies, within the scope of the OwningEntity, the format of the Message. | An opaque string that uniquely identifies, within the scope of the OwningEntity, the format of the Message. |
668 | The formatted message. This message is constructed by combining some or all of the dynamic elements specified in the MessageArguments property with the static elements uniquely identified by the MessageID in a message registry or other catalog associated with the OwningEntity. | The formatted message. This message is constructed by combining some or all of the dynamic elements specified in the MessageArguments property with the static elements uniquely identified by the MessageID in a message registry or other catalog associated with the OwningEntity. |
669 | An array containing the dynamic content of the message. | An array containing the dynamic content of the message. |
670 | An enumerated value that describes the severity of the Indication from the notifier\'s point of view: 0 - the Perceived Severity of the indication is unknown or indeterminate. 1 - Other, by CIM convention, is used to indicate that the Severity\'s value can be found in the OtherSeverity property. 2 - Information should be used when providing an informative response. 3 - Degraded/Warning should be used when its appropriate to let the user decide if action is needed. 4 - Minor should be used to indicate action is needed, but the situation is not serious at this time. 5 - Major should be used to indicate action is needed NOW. 6 - Critical should be used to indicate action is needed NOW and the scope is broad (perhaps an imminent outage to a critical resource will result). 7 - Fatal/NonRecoverable should be used to indicate an error occurred, but it\'s too late to take remedial action. 2 and 0 - Information and Unknown (respectively) follow common usage. Literally, the Error is purely informational or its severity is simply unknown. |
An enumerated value that describes the severity of the Indication from the notifier\'s point of view: 0 - the Perceived Severity of the indication is unknown or indeterminate. 1 - Other, by CIM convention, is used to indicate that the Severity\'s value can be found in the OtherSeverity property. 2 - Information should be used when providing an informative response. 3 - Degraded/Warning should be used when its appropriate to let the user decide if action is needed. 4 - Minor should be used to indicate action is needed, but the situation is not serious at this time. 5 - Major should be used to indicate action is needed NOW. 6 - Critical should be used to indicate action is needed NOW and the scope is broad (perhaps an imminent outage to a critical resource will result). 7 - Fatal/NonRecoverable should be used to indicate an error occurred, but it\'s too late to take remedial action. 2 and 0 - Information and Unknown (respectively) follow common usage. Literally, the Error is purely informational or its severity is simply unknown. |
671 | Information | Information |
672 | Minor | Minor |
673 | Major | Major |
674 | Critical | Critical |
675 | Fatal/NonRecoverable | Fatal/NonRecoverable |
676 | An enumerated value that describes the probable cause of the error. | An enumerated value that describes the probable cause of the error. |
677 | Adapter/Card Error | Adapter/Card Error |
678 | Application Subsystem Failure | Application Subsystem Failure |
679 | Bandwidth Reduced | Bandwidth Reduced |
680 | Connection Establishment Error | Connection Establishment Error |
681 | Communications Protocol Error | Communications Protocol Error |
682 | Communications Subsystem Failure | Communications Subsystem Failure |
683 | Configuration/Customization Error | Configuration/Customization Error |
684 | Congestion | Congestion |
685 | Corrupt Data | Corrupt Data |
686 | CPU Cycles Limit Exceeded | CPU Cycles Limit Exceeded |
687 | Dataset/Modem Error | Dataset/Modem Error |
688 | Degraded Signal | Degraded Signal |
689 | DTE-DCE Interface Error | DTE-DCE Interface Error |
690 | Enclosure Door Open | Enclosure Door Open |
691 | Equipment Malfunction | Equipment Malfunction |
692 | Excessive Vibration | Excessive Vibration |
693 | File Format Error | File Format Error |
694 | Fire Detected | Fire Detected |
695 | Flood Detected | Flood Detected |
696 | Framing Error | Framing Error |
697 | HVAC Problem | HVAC Problem |
698 | Humidity Unacceptable | Humidity Unacceptable |
699 | I/O Device Error | I/O Device Error |
700 | Input Device Error | Input Device Error |
701 | LAN Error | LAN Error |
702 | Non-Toxic Leak Detected | Non-Toxic Leak Detected |
703 | Local Node Transmission Error | Local Node Transmission Error |
704 | Loss of Frame | Loss of Frame |
705 | Loss of Signal | Loss of Signal |
706 | Material Supply Exhausted | Material Supply Exhausted |
707 | Multiplexer Problem | Multiplexer Problem |
708 | Out of Memory | Out of Memory |
709 | Output Device Error | Output Device Error |
710 | Performance Degraded | Performance Degraded |
711 | Power Problem | Power Problem |
712 | Pressure Unacceptable | Pressure Unacceptable |
713 | Processor Problem (Internal Machine Error) | Processor Problem (Internal Machine Error) |
714 | Pump Failure | Pump Failure |
715 | Queue Size Exceeded | Queue Size Exceeded |
716 | Receive Failure | Receive Failure |
717 | Receiver Failure | Receiver Failure |
718 | Remote Node Transmission Error | Remote Node Transmission Error |
719 | Resource at or Nearing Capacity | Resource at or Nearing Capacity |
720 | Response Time Excessive | Response Time Excessive |
721 | Retransmission Rate Excessive | Retransmission Rate Excessive |
722 | Software Program Abnormally Terminated | Software Program Abnormally Terminated |
723 | Software Program Error (Incorrect Results) | Software Program Error (Incorrect Results) |
724 | Storage Capacity Problem | Storage Capacity Problem |
725 | Temperature Unacceptable | Temperature Unacceptable |
726 | Threshold Crossed | Threshold Crossed |
727 | Timing Problem | Timing Problem |
728 | Toxic Leak Detected | Toxic Leak Detected |
729 | Transmit Failure | Transmit Failure |
730 | Transmitter Failure | Transmitter Failure |
731 | Underlying Resource Unavailable | Underlying Resource Unavailable |
732 | Version Mismatch | Version Mismatch |
733 | Previous Alert Cleared | Previous Alert Cleared |
734 | Login Attempts Failed | Login Attempts Failed |
735 | Software Virus Detected | Software Virus Detected |
736 | Hardware Security Breached | Hardware Security Breached |
737 | Denial of Service Detected | Denial of Service Detected |
738 | Security Credential Mismatch | Security Credential Mismatch |
739 | Unauthorized Access | Unauthorized Access |
740 | Alarm Received | Alarm Received |
741 | Loss of Pointer | Loss of Pointer |
742 | Payload Mismatch | Payload Mismatch |
743 | Transmission Error | Transmission Error |
744 | Excessive Error Rate | Excessive Error Rate |
745 | Trace Problem | Trace Problem |
746 | Element Unavailable | Element Unavailable |
747 | Element Missing | Element Missing |
748 | Loss of Multi Frame | Loss of Multi Frame |
749 | Broadcast Channel Failure | Broadcast Channel Failure |
750 | Invalid Message Received | Invalid Message Received |
751 | Routing Failure | Routing Failure |
752 | Backplane Failure | Backplane Failure |
753 | Identifier Duplication | Identifier Duplication |
754 | Protection Path Failure | Protection Path Failure |
755 | Sync Loss or Mismatch | Sync Loss or Mismatch |
756 | Terminal Problem | Terminal Problem |
757 | Real Time Clock Failure | Real Time Clock Failure |
758 | Antenna Failure | Antenna Failure |
759 | Battery Charging Failure | Battery Charging Failure |
760 | Disk Failure | Disk Failure |
761 | Frequency Hopping Failure | Frequency Hopping Failure |
762 | Loss of Redundancy | Loss of Redundancy |
763 | Power Supply Failure | Power Supply Failure |
764 | Signal Quality Problem | Signal Quality Problem |
765 | Battery Discharging | Battery Discharging |
766 | Battery Failure | Battery Failure |
767 | Commercial Power Problem | Commercial Power Problem |
768 | Fan Failure | Fan Failure |
769 | Engine Failure | Engine Failure |
770 | Sensor Failure | Sensor Failure |
771 | Fuse Failure | Fuse Failure |
772 | Generator Failure | Generator Failure |
773 | Low Battery | Low Battery |
774 | Low Fuel | Low Fuel |
775 | Low Water | Low Water |
776 | Explosive Gas | Explosive Gas |
777 | High Winds | High Winds |
778 | Ice Buildup | Ice Buildup |
779 | Smoke | Smoke |
780 | Memory Mismatch | Memory Mismatch |
781 | Out of CPU Cycles | Out of CPU Cycles |
782 | Software Environment Problem | Software Environment Problem |
783 | Software Download Failure | Software Download Failure |
784 | Element Reinitialized | Element Reinitialized |
785 | Logging Problems | Logging Problems |
786 | Leak Detected | Leak Detected |
787 | Protection Mechanism Failure | Protection Mechanism Failure |
788 | Protecting Resource Failure | Protecting Resource Failure |
789 | Database Inconsistency | Database Inconsistency |
790 | Authentication Failure | Authentication Failure |
791 | Breach of Confidentiality | Breach of Confidentiality |
792 | Cable Tamper | Cable Tamper |
793 | Delayed Information | Delayed Information |
794 | Duplicate Information | Duplicate Information |
795 | Information Missing | Information Missing |
796 | Information Modification | Information Modification |
797 | Information Out of Sequence | Information Out of Sequence |
798 | Key Expired | Key Expired |
799 | Non-Repudiation Failure | Non-Repudiation Failure |
800 | Out of Hours Activity | Out of Hours Activity |
801 | Out of Service | Out of Service |
802 | Procedural Error | Procedural Error |
803 | Unexpected Information | Unexpected Information |
804 | A free-form string describing the probable cause of the error. | A free-form string describing the probable cause of the error. |
805 | A free-form string describing recommended actions to take to resolve the error. | A free-form string describing recommended actions to take to resolve the error. |
806 | The identifying information of the entity (i.e., the instance) generating the error. If this entity is modeled in the CIM Schema, this property contains the path of the instance encoded as a string parameter. If not modeled, the property contains some identifying string that names the entity that generated the error. The path or identifying string is formatted per the ErrorSourceFormat property. | The identifying information of the entity (i.e., the instance) generating the error. If this entity is modeled in the CIM Schema, this property contains the path of the instance encoded as a string parameter. If not modeled, the property contains some identifying string that names the entity that generated the error. The path or identifying string is formatted per the ErrorSourceFormat property. |
807 | The format of the ErrorSource property is interpretable based on the value of this property. Values are defined as: 0 - Unknown. The format is unknown or not meaningfully interpretable by a CIM client application. 1 - Other. The format is defined by the value of the OtherErrorSourceFormat property.2 - CIMObjectPath. A CIM Object Path as defined in the CIM Infrastructure specification. Note: CIM 2.5 and earlier used the term object names. |
The format of the ErrorSource property is interpretable based on the value of this property. Values are defined as: 0 - Unknown. The format is unknown or not meaningfully interpretable by a CIM client application. 1 - Other. The format is defined by the value of the OtherErrorSourceFormat property.2 - CIMObjectPath. A CIM Object Path as defined in the CIM Infrastructure specification. Note: CIM 2.5 and earlier used the term object names. |
808 | CIMObjectPath | CIMObjectPath |
809 | A string defining "Other" values for ErrorSourceFormat. This value MUST be set to a non NULL value when ErrorSourceFormat is set to a value of 1 ("Other"). For all other values of ErrorSourceFormat, the value of this string must be set to NULL. | A string defining "Other" values for ErrorSourceFormat. This value MUST be set to a non NULL value when ErrorSourceFormat is set to a value of 1 ("Other"). For all other values of ErrorSourceFormat, the value of this string must be set to NULL. |
810 | The CIM status code that characterizes this instance. This property defines the status codes that MAY be return by a conforming CIM Server or Listener. Note that not all status codes are valid for each operation. The specification for each operation SHOULD define the status codes that may be returned by that operation. The following values for CIM status code are defined: 1 - CIM_ERR_FAILED. A general error occurred that is not covered by a more specific error code. 2 - CIM_ERR_ACCESS_DENIED. Access to a CIM resource was not available to the client. 3 - CIM_ERR_INVALID_NAMESPACE. The target namespace does not exist. 4 - CIM_ERR_INVALID_PARAMETER. One or more parameter values passed to the method were invalid. 5 - CIM_ERR_INVALID_CLASS. The specified Class does not exist. 6 - CIM_ERR_NOT_FOUND. The requested object could not be found. 7 - CIM_ERR_NOT_SUPPORTED. The requested operation is not supported. 8 - CIM_ERR_CLASS_HAS_CHILDREN. Operation cannot be carried out on this class since it has instances. 9 - CIM_ERR_CLASS_HAS_INSTANCES. Operation cannot be carried out on this class since it has instances. 10 - CIM_ERR_INVALID_SUPERCLASS. Operation cannot be carried out since the specified superclass does not exist. 11 - CIM_ERR_ALREADY_EXISTS. Operation cannot be carried out because an object already exists. 12 - CIM_ERR_NO_SUCH_PROPERTY. The specified Property does not exist. 13 - CIM_ERR_TYPE_MISMATCH. The value supplied is incompatible with the type. 14 - CIM_ERR_QUERY_LANGUAGE_NOT_SUPPORTED. The query language is not recognized or supported. 15 - CIM_ERR_INVALID_QUERY. The query is not valid for the specified query language. 16 - CIM_ERR_METHOD_NOT_AVAILABLE. The extrinsic Method could not be executed. 17 - CIM_ERR_METHOD_NOT_FOUND. The specified extrinsic Method does not exist. 18 - CIM_ERR_UNEXPECTED_RESPONSE. The returned response to the asynchronous operation was not expected. 19 - CIM_ERR_INVALID_RESPONSE_DESTINATION. The specified destination for the asynchronous response is not valid. 20 - CIM_ERR_NAMESPACE_NOT_EMPTY. The specified Namespace is not empty. 21 - CIM_ERR_INVALID_ENUMERATION_CONTEXT. The enumeration context supplied is not valid. 22 - CIM_ERR_INVALID_OPERATION_TIMEOUT. The specified Namespace is not empty. 23 - CIM_ERR_PULL_HAS_BEEN_ABANDONED. The specified Namespace is not empty. 24 - CIM_ERR_PULL_CANNOT_BE_ABANDONED. The attempt to abandon a pull operation has failed. 25 - CIM_ERR_FILTERED_ENUMERATION_NOT_SUPPORTED. Filtered Enumeratrions are not supported. 26 - CIM_ERR_CONTINUATION_ON_ERROR_NOT_SUPPORTED. Continue on error is not supported. 27 - CIM_ERR_SERVER_LIMITS_EXCEEDED. The WBEM Server limits have been exceeded (e.g. memory, connections, ...). 28 - CIM_ERR_SERVER_IS_SHUTTING_DOWN. The WBEM Server is shutting down. 29 - CIM_ERR_QUERY_FEATURE_NOT_SUPPORTED. The specified Query Feature is not supported. |
The CIM status code that characterizes this instance. This property defines the status codes that MAY be return by a conforming CIM Server or Listener. Note that not all status codes are valid for each operation. The specification for each operation SHOULD define the status codes that may be returned by that operation. The following values for CIM status code are defined: 1 - CIM_ERR_FAILED. A general error occurred that is not covered by a more specific error code. 2 - CIM_ERR_ACCESS_DENIED. Access to a CIM resource was not available to the client. 3 - CIM_ERR_INVALID_NAMESPACE. The target namespace does not exist. 4 - CIM_ERR_INVALID_PARAMETER. One or more parameter values passed to the method were invalid. 5 - CIM_ERR_INVALID_CLASS. The specified Class does not exist. 6 - CIM_ERR_NOT_FOUND. The requested object could not be found. 7 - CIM_ERR_NOT_SUPPORTED. The requested operation is not supported. 8 - CIM_ERR_CLASS_HAS_CHILDREN. Operation cannot be carried out on this class since it has instances. 9 - CIM_ERR_CLASS_HAS_INSTANCES. Operation cannot be carried out on this class since it has instances. 10 - CIM_ERR_INVALID_SUPERCLASS. Operation cannot be carried out since the specified superclass does not exist. 11 - CIM_ERR_ALREADY_EXISTS. Operation cannot be carried out because an object already exists. 12 - CIM_ERR_NO_SUCH_PROPERTY. The specified Property does not exist. 13 - CIM_ERR_TYPE_MISMATCH. The value supplied is incompatible with the type. 14 - CIM_ERR_QUERY_LANGUAGE_NOT_SUPPORTED. The query language is not recognized or supported. 15 - CIM_ERR_INVALID_QUERY. The query is not valid for the specified query language. 16 - CIM_ERR_METHOD_NOT_AVAILABLE. The extrinsic Method could not be executed. 17 - CIM_ERR_METHOD_NOT_FOUND. The specified extrinsic Method does not exist. 18 - CIM_ERR_UNEXPECTED_RESPONSE. The returned response to the asynchronous operation was not expected. 19 - CIM_ERR_INVALID_RESPONSE_DESTINATION. The specified destination for the asynchronous response is not valid. 20 - CIM_ERR_NAMESPACE_NOT_EMPTY. The specified Namespace is not empty. 21 - CIM_ERR_INVALID_ENUMERATION_CONTEXT. The enumeration context supplied is not valid. 22 - CIM_ERR_INVALID_OPERATION_TIMEOUT. The specified Namespace is not empty. 23 - CIM_ERR_PULL_HAS_BEEN_ABANDONED. The specified Namespace is not empty. 24 - CIM_ERR_PULL_CANNOT_BE_ABANDONED. The attempt to abandon a pull operation has failed. 25 - CIM_ERR_FILTERED_ENUMERATION_NOT_SUPPORTED. Filtered Enumeratrions are not supported. 26 - CIM_ERR_CONTINUATION_ON_ERROR_NOT_SUPPORTED. Continue on error is not supported. 27 - CIM_ERR_SERVER_LIMITS_EXCEEDED. The WBEM Server limits have been exceeded (e.g. memory, connections, ...). 28 - CIM_ERR_SERVER_IS_SHUTTING_DOWN. The WBEM Server is shutting down. 29 - CIM_ERR_QUERY_FEATURE_NOT_SUPPORTED. The specified Query Feature is not supported. |
811 | CIM_ERR_FAILED | CIM_ERR_FAILED |
812 | CIM_ERR_ACCESS_DENIED | CIM_ERR_ACCESS_DENIED |
813 | CIM_ERR_INVALID_NAMESPACE | CIM_ERR_INVALID_NAMESPACE |
814 | CIM_ERR_INVALID_PARAMETER | CIM_ERR_INVALID_PARAMETER |
815 | CIM_ERR_INVALID_CLASS | CIM_ERR_INVALID_CLASS |
816 | CIM_ERR_NOT_FOUND | CIM_ERR_NOT_FOUND |
817 | CIM_ERR_NOT_SUPPORTED | CIM_ERR_NOT_SUPPORTED |
818 | CIM_ERR_CLASS_HAS_CHILDREN | CIM_ERR_CLASS_HAS_CHILDREN |
819 | CIM_ERR_CLASS_HAS_INSTANCES | CIM_ERR_CLASS_HAS_INSTANCES |
820 | CIM_ERR_INVALID_SUPERCLASS | CIM_ERR_INVALID_SUPERCLASS |
821 | CIM_ERR_ALREADY_EXISTS | CIM_ERR_ALREADY_EXISTS |
822 | CIM_ERR_NO_SUCH_PROPERTY | CIM_ERR_NO_SUCH_PROPERTY |
823 | CIM_ERR_TYPE_MISMATCH | CIM_ERR_TYPE_MISMATCH |
824 | CIM_ERR_QUERY_LANGUAGE_NOT_SUPPORTED | CIM_ERR_QUERY_LANGUAGE_NOT_SUPPORTED |
825 | CIM_ERR_INVALID_QUERY | CIM_ERR_INVALID_QUERY |
826 | CIM_ERR_METHOD_NOT_AVAILABLE | CIM_ERR_METHOD_NOT_AVAILABLE |
827 | CIM_ERR_METHOD_NOT_FOUND | CIM_ERR_METHOD_NOT_FOUND |
828 | CIM_ERR_UNEXPECTED_RESPONSE | CIM_ERR_UNEXPECTED_RESPONSE |
829 | CIM_ERR_INVALID_RESPONSE_DESTINATION | CIM_ERR_INVALID_RESPONSE_DESTINATION |
830 | CIM_ERR_NAMESPACE_NOT_EMPTY | CIM_ERR_NAMESPACE_NOT_EMPTY |
831 | CIM_ERR_INVALID_ENUMERATION_CONTEXT | CIM_ERR_INVALID_ENUMERATION_CONTEXT |
832 | CIM_ERR_INVALID_OPERATION_TIMEOUT | CIM_ERR_INVALID_OPERATION_TIMEOUT |
833 | CIM_ERR_PULL_HAS_BEEN_ABANDONED | CIM_ERR_PULL_HAS_BEEN_ABANDONED |
834 | CIM_ERR_PULL_CANNOT_BE_ABANDONED | CIM_ERR_PULL_CANNOT_BE_ABANDONED |
835 | CIM_ERR_FILTERED_ENUMERATION_NOT_SUPPORTED | CIM_ERR_FILTERED_ENUMERATION_NOT_SUPPORTED |
836 | CIM_ERR_CONTINUATION_ON_ERROR_NOT_SUPPORTED | CIM_ERR_CONTINUATION_ON_ERROR_NOT_SUPPORTED |
837 | CIM_ERR_SERVER_LIMITS_EXCEEDED | CIM_ERR_SERVER_LIMITS_EXCEEDED |
838 | CIM_ERR_SERVER_IS_SHUTTING_DOWN | CIM_ERR_SERVER_IS_SHUTTING_DOWN |
839 | CIM_ERR_QUERY_FEATURE_NOT_SUPPORTED | CIM_ERR_QUERY_FEATURE_NOT_SUPPORTED |
840 | A free-form string containing a human-readable description of CIMStatusCode. This description MAY extend, but MUST be consistent with, the definition of CIMStatusCode. | A free-form string containing a human-readable description of CIMStatusCode. This description MAY extend, but MUST be consistent with, the definition of CIMStatusCode. |
841 | 2.22.1 | 2.22.1 |
842 | CIM_Error is a specialized class that contains information about the severity, cause, recommended actions and other data related to the failure of a CIM Operation. Instances of this type MAY be included as part of the response to a CIM Operation. | CIM_Error is a specialized class that contains information about the severity, cause, recommended actions and other data related to the failure of a CIM Operation. Instances of this type MAY be included as part of the response to a CIM Operation. |
843 | Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. In order to ensure uniqueness within the NameSpace, the value of InstanceID SHOULD be constructed using the following \'preferred\' algorithm: : Where and are separated by a colon \':\', and where must include a copyrighted, trademarked or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID, or that is a registered ID that is assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness must not contain a colon (\':\'). When using this algorithm, the first colon to appear in InstanceID must appear between and . is chosen by the business entity and should not be re-used to identify different underlying (real-world) elements. If the above \'preferred\' algorithm is not used, the defining entity must assure that the resulting InstanceID is not re-used across any InstanceIDs produced by this or other providers for the NameSpace of this instance. For DMTF defined instances, the \'preferred\' algorithm must be used with the set to \'CIM\'. |
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. In order to ensure uniqueness within the NameSpace, the value of InstanceID SHOULD be constructed using the following \'preferred\' algorithm: : Where and are separated by a colon \':\', and where must include a copyrighted, trademarked or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID, or that is a registered ID that is assigned to the business entity by a recognized global authority. (This requirement is similar to the _ structure of Schema class names.) In addition, to ensure uniqueness must not contain a colon (\':\'). When using this algorithm, the first colon to appear in InstanceID must appear between and . is chosen by the business entity and should not be re-used to identify different underlying (real-world) elements. If the above \'preferred\' algorithm is not used, the defining entity must assure that the resulting InstanceID is not re-used across any InstanceIDs produced by this or other providers for the NameSpace of this instance. For DMTF defined instances, the \'preferred\' algorithm must be used with the set to \'CIM\'. |
844 | The user-friendly name for this instance of a Job. In addition, the user-friendly name can be used as a property for a search or query. (Note: Name does not have to be unique within a namespace.) | The user-friendly name for this instance of a Job. In addition, the user-friendly name can be used as a property for a search or query. (Note: Name does not have to be unique within a namespace.) |
845 | JobState is an integer enumeration that indicates the operational state of a Job. It can also indicate transitions between these states, for example, \'Shutting Down\' and \'Starting\'. Following is a brief description of the states: New (2) indicates that the job has never been started. Starting (3) indicates that the job is moving from the \'New\', \'Suspended\', or \'Service\' states into the \'Running\' state. Running (4) indicates that the Job is running. Suspended (5) indicates that the Job is stopped, but can be restarted in a seamless manner. Shutting Down (6) indicates that the job is moving to a \'Completed\', \'Terminated\', or \'Killed\' state. Completed (7) indicates that the job has completed normally. Terminated (8) indicates that the job has been stopped by a \'Terminate\' state change request. The job and all its underlying processes are ended and can be restarted (this is job-specific) only as a new job. Killed (9) indicates that the job has been stopped by a \'Kill\' state change request. Underlying processes might have been left running, and cleanup might be required to free up resources. Exception (10) indicates that the Job is in an abnormal state that might be indicative of an error condition. Actual status might be displayed though job-specific objects. Service (11) indicates that the Job is in a vendor-specific state that supports problem discovery, or resolution, or both. Query pending (12) waiting for a client to resolve a query |
JobState is an integer enumeration that indicates the operational state of a Job. It can also indicate transitions between these states, for example, \'Shutting Down\' and \'Starting\'. Following is a brief description of the states: New (2) indicates that the job has never been started. Starting (3) indicates that the job is moving from the \'New\', \'Suspended\', or \'Service\' states into the \'Running\' state. Running (4) indicates that the Job is running. Suspended (5) indicates that the Job is stopped, but can be restarted in a seamless manner. Shutting Down (6) indicates that the job is moving to a \'Completed\', \'Terminated\', or \'Killed\' state. Completed (7) indicates that the job has completed normally. Terminated (8) indicates that the job has been stopped by a \'Terminate\' state change request. The job and all its underlying processes are ended and can be restarted (this is job-specific) only as a new job. Killed (9) indicates that the job has been stopped by a \'Kill\' state change request. Underlying processes might have been left running, and cleanup might be required to free up resources. Exception (10) indicates that the Job is in an abnormal state that might be indicative of an error condition. Actual status might be displayed though job-specific objects. Service (11) indicates that the Job is in a vendor-specific state that supports problem discovery, or resolution, or both. Query pending (12) waiting for a client to resolve a query |
846 | New | New |
847 | Running | Running |
848 | Suspended | Suspended |
849 | Terminated | Terminated |
850 | Killed | Killed |
851 | Exception | Exception |
852 | Service | Service |
853 | Query Pending | Query Pending |
854 | The date or time when the state of the Job last changed. If the state of the Job has not changed and this property is populated, then it must be set to a 0 interval value. If a state change was requested, but rejected or not yet processed, the property must not be updated. | The date or time when the state of the Job last changed. If the state of the Job has not changed and this property is populated, then it must be set to a 0 interval value. If a state change was requested, but rejected or not yet processed, the property must not be updated. |
855 | The amount of time that the Job is retained after it has finished executing, either succeeding or failing in that execution. The job must remain in existence for some period of time regardless of the value of the DeleteOnCompletion property. The default is five minutes. |
The amount of time that the Job is retained after it has finished executing, either succeeding or failing in that execution. The job must remain in existence for some period of time regardless of the value of the DeleteOnCompletion property. The default is five minutes. |
856 | Requests that the state of the job be changed to the value specified in the RequestedState parameter. Invoking the RequestStateChange method multiple times could result in earlier requests being overwritten or lost. If 0 is returned, then the task completed successfully. Any other return code indicates an error condition. |
Requests that the state of the job be changed to the value specified in the RequestedState parameter. Invoking the RequestStateChange method multiple times could result in earlier requests being overwritten or lost. If 0 is returned, then the task completed successfully. Any other return code indicates an error condition. |
857 | Completed with No Error | Completed with No Error |
858 | Unknown/Unspecified Error | Unknown/Unspecified Error |
859 | Can NOT complete within Timeout Period | Can NOT complete within Timeout Period |
860 | Invalid Parameter | Invalid Parameter |
861 | In Use | In Use |
862 | Method Parameters Checked - Transition Started | Method Parameters Checked - Transition Started |
863 | Invalid State Transition | Invalid State Transition |
864 | Use of Timeout Parameter Not Supported | Use of Timeout Parameter Not Supported |
865 | Busy | Busy |
866 | Method Reserved | Method Reserved |
867 | RequestStateChange changes the state of a job. The possible values are as follows: Start (2) changes the state to \'Running\'. Suspend (3) stops the job temporarily. The intention is to subsequently restart the job with \'Start\'. It might be possible to enter the \'Service\' state while suspended. (This is job-specific.) Terminate (4) stops the job cleanly, saving data, preserving the state, and shutting down all underlying processes in an orderly manner. Kill (5) terminates the job immediately with no requirement to save data or preserve the state. Service (6) puts the job into a vendor-specific service state. It might be possible to restart the job. |
RequestStateChange changes the state of a job. The possible values are as follows: Start (2) changes the state to \'Running\'. Suspend (3) stops the job temporarily. The intention is to subsequently restart the job with \'Start\'. It might be possible to enter the \'Service\' state while suspended. (This is job-specific.) Terminate (4) stops the job cleanly, saving data, preserving the state, and shutting down all underlying processes in an orderly manner. Kill (5) terminates the job immediately with no requirement to save data or preserve the state. Service (6) puts the job into a vendor-specific service state. It might be possible to restart the job. |
868 | Start | Start |
869 | Suspend | Suspend |
870 | Terminate | Terminate |
871 | Kill | Kill |
872 | A timeout period that specifies the maximum amount of time that the client expects the transition to the new state to take. The interval format must be used to specify the TimeoutPeriod. A value of 0 or a null parameter indicates that the client has no time requirements for the transition. If this property does not contain 0 or null and the implementation does not support this parameter, a return code of \'Use Of Timeout Parameter Not Supported\' must be returned. |
A timeout period that specifies the maximum amount of time that the client expects the transition to the new state to take. The interval format must be used to specify the TimeoutPeriod. A value of 0 or a null parameter indicates that the client has no time requirements for the transition. If this property does not contain 0 or null and the implementation does not support this parameter, a return code of \'Use Of Timeout Parameter Not Supported\' must be returned. |
873 | When the job is executing or has terminated without error, then this method returns no CIM_Error instance. However, if the job has failed because of some internal problem or because the job has been terminated by a client, then a CIM_Error instance is returned. | When the job is executing or has terminated without error, then this method returns no CIM_Error instance. However, if the job has failed because of some internal problem or because the job has been terminated by a client, then a CIM_Error instance is returned. |
874 | Unspecified Error | Unspecified Error |
875 | If the OperationalStatus on the Job is not "OK", then this method will return a CIM Error instance. Otherwise, when the Job is "OK", null is returned. | If the OperationalStatus on the Job is not "OK", then this method will return a CIM Error instance. Otherwise, when the Job is "OK", null is returned. |
876 | A concrete version of Job. This class represents a generic and instantiable unit of work, such as a batch or a print job. | A concrete version of Job. This class represents a generic and instantiable unit of work, such as a batch or a print job. |
877 | EnabledState is an integer enumeration that indicates the enabled and disabled states of an element. It can also indicate the transitions between these requested states. For example, shutting down (value=4) and starting (value=10) are transient states between enabled and disabled. The following text briefly summarizes the various enabled and disabled states: Enabled (2) indicates that the element is or could be executing commands, will process any queued commands, and queues new requests. Disabled (3) indicates that the element will not execute commands and will drop any new requests. Shutting Down (4) indicates that the element is in the process of going to a Disabled state. Not Applicable (5) indicates the element does not support being enabled or disabled. Enabled but Offline (6) indicates that the element might be completing commands, and will drop any new requests. Test (7) indicates that the element is in a test state. Deferred (8) indicates that the element might be completing commands, but will queue any new requests. Quiesce (9) indicates that the element is enabled but in a restricted mode. Starting (10) indicates that the element is in the process of going to an Enabled state. New requests are queued. |
EnabledState is an integer enumeration that indicates the enabled and disabled states of an element. It can also indicate the transitions between these requested states. For example, shutting down (value=4) and starting (value=10) are transient states between enabled and disabled. The following text briefly summarizes the various enabled and disabled states: Enabled (2) indicates that the element is or could be executing commands, will process any queued commands, and queues new requests. Disabled (3) indicates that the element will not execute commands and will drop any new requests. Shutting Down (4) indicates that the element is in the process of going to a Disabled state. Not Applicable (5) indicates the element does not support being enabled or disabled. Enabled but Offline (6) indicates that the element might be completing commands, and will drop any new requests. Test (7) indicates that the element is in a test state. Deferred (8) indicates that the element might be completing commands, but will queue any new requests. Quiesce (9) indicates that the element is enabled but in a restricted mode. Starting (10) indicates that the element is in the process of going to an Enabled state. New requests are queued. |
878 | Enabled but Offline | Enabled but Offline |
879 | Deferred | Deferred |
880 | Quiesce | Quiesce |
881 | A string that describes the enabled or disabled state of the element when the EnabledState property is set to 1 ("Other"). This property must be set to null when EnabledState is any value other than 1. | A string that describes the enabled or disabled state of the element when the EnabledState property is set to 1 ("Other"). This property must be set to null when EnabledState is any value other than 1. |
882 | RequestedState is an integer enumeration that indicates the last requested or desired state for the element, irrespective of the mechanism through which it was requested. The actual state of the element is represented by EnabledState. This property is provided to compare the last requested and current enabled or disabled states. Note that when EnabledState is set to 5 ("Not Applicable"), then this property has no meaning. Refer to the EnabledState property description for explanations of the values in the RequestedState enumeration. "Unknown" (0) indicates the last requested state for the element is unknown. Note that the value "No Change" (5) has been deprecated in lieu of indicating the last requested state is "Unknown" (0). If the last requested or desired state is unknown, RequestedState should have the value "Unknown" (0), but may have the value "No Change" (5).Offline (6) indicates that the element has been requested to transition to the Enabled but Offline EnabledState. It should be noted that there are two new values in RequestedState that build on the statuses of EnabledState. These are "Reboot" (10) and "Reset" (11). Reboot refers to doing a "Shut Down" and then moving to an "Enabled" state. Reset indicates that the element is first "Disabled" and then "Enabled". The distinction between requesting "Shut Down" and "Disabled" should also be noted. Shut Down requests an orderly transition to the Disabled state, and might involve removing power, to completely erase any existing state. The Disabled state requests an immediate disabling of the element, such that it will not execute or accept any commands or processing requests. This property is set as the result of a method invocation (such as Start or StopService on CIM_Service), or can be overridden and defined as WRITEable in a subclass. The method approach is considered superior to a WRITEable property, because it allows an explicit invocation of the operation and the return of a result code. If knowledge of the last RequestedState is not supported for the EnabledLogicalElement, the property shall be NULL or have the value 12 "Not Applicable". |
RequestedState is an integer enumeration that indicates the last requested or desired state for the element, irrespective of the mechanism through which it was requested. The actual state of the element is represented by EnabledState. This property is provided to compare the last requested and current enabled or disabled states. Note that when EnabledState is set to 5 ("Not Applicable"), then this property has no meaning. Refer to the EnabledState property description for explanations of the values in the RequestedState enumeration. "Unknown" (0) indicates the last requested state for the element is unknown. Note that the value "No Change" (5) has been deprecated in lieu of indicating the last requested state is "Unknown" (0). If the last requested or desired state is unknown, RequestedState should have the value "Unknown" (0), but may have the value "No Change" (5).Offline (6) indicates that the element has been requested to transition to the Enabled but Offline EnabledState. It should be noted that there are two new values in RequestedState that build on the statuses of EnabledState. These are "Reboot" (10) and "Reset" (11). Reboot refers to doing a "Shut Down" and then moving to an "Enabled" state. Reset indicates that the element is first "Disabled" and then "Enabled". The distinction between requesting "Shut Down" and "Disabled" should also be noted. Shut Down requests an orderly transition to the Disabled state, and might involve removing power, to completely erase any existing state. The Disabled state requests an immediate disabling of the element, such that it will not execute or accept any commands or processing requests. This property is set as the result of a method invocation (such as Start or StopService on CIM_Service), or can be overridden and defined as WRITEable in a subclass. The method approach is considered superior to a WRITEable property, because it allows an explicit invocation of the operation and the return of a result code. If knowledge of the last RequestedState is not supported for the EnabledLogicalElement, the property shall be NULL or have the value 12 "Not Applicable". |
883 | Shut Down | Shut Down |
884 | No Change | No Change |
885 | Offline | Offline |
886 | Test | Test |
887 | Reboot | Reboot |
888 | Reset | Reset |
889 | An enumerated value indicating an administrator\'s default or startup configuration for the Enabled State of an element. By default, the element is "Enabled" (value=2). | An enumerated value indicating an administrator\'s default or startup configuration for the Enabled State of an element. By default, the element is "Enabled" (value=2). |
890 | No Default | No Default |
891 | The date or time when the EnabledState of the element last changed. If the state of the element has not changed and this property is populated, then it must be set to a 0 interval value. If a state change was requested, but rejected or not yet processed, the property must not be updated. | The date or time when the EnabledState of the element last changed. If the state of the element has not changed and this property is populated, then it must be set to a 0 interval value. If a state change was requested, but rejected or not yet processed, the property must not be updated. |
892 | AvailableRequestedStates indicates the possible values for the RequestedState parameter of the method RequestStateChange, used to initiate a state change. The values listed shall be a subset of the values contained in the RequestedStatesSupported property of the associated instance of CIM_EnabledLogicalElementCapabilities where the values selected are a function of the current state of the CIM_EnabledLogicalElement. This property may be non-null if an implementation is able to advertise the set of possible values as a function of the current state. This property shall be null if an implementation is unable to determine the set of possible values as a function of the current state. | AvailableRequestedStates indicates the possible values for the RequestedState parameter of the method RequestStateChange, used to initiate a state change. The values listed shall be a subset of the values contained in the RequestedStatesSupported property of the associated instance of CIM_EnabledLogicalElementCapabilities where the values selected are a function of the current state of the CIM_EnabledLogicalElement. This property may be non-null if an implementation is able to advertise the set of possible values as a function of the current state. This property shall be null if an implementation is unable to determine the set of possible values as a function of the current state. |
893 | Defer | Defer |
894 | TransitioningToState indicates the target state to which the instance is transitioning. A value of 5 "No Change" shall indicate that no transition is in progress.A value of 12 "Not Applicable" shall indicate the implementation does not support representing ongoing transitions. A value other than 5 or 12 shall identify the state to which the element is in the process of transitioning. |
TransitioningToState indicates the target state to which the instance is transitioning. A value of 5 "No Change" shall indicate that no transition is in progress.A value of 12 "Not Applicable" shall indicate the implementation does not support representing ongoing transitions. A value other than 5 or 12 shall identify the state to which the element is in the process of transitioning. |
895 | Requests that the state of the element be changed to the value specified in the RequestedState parameter. When the requested state change takes place, the EnabledState and RequestedState of the element will be the same. Invoking the RequestStateChange method multiple times could result in earlier requests being overwritten or lost. A return code of 0 shall indicate the state change was successfully initiated. A return code of 3 shall indicate that the state transition cannot complete within the interval specified by the TimeoutPeriod parameter. A return code of 4096 (0x1000) shall indicate the state change was successfully initiated, a ConcreteJob has been created, and its reference returned in the output parameter Job. Any other return code indicates an error condition. |
Requests that the state of the element be changed to the value specified in the RequestedState parameter. When the requested state change takes place, the EnabledState and RequestedState of the element will be the same. Invoking the RequestStateChange method multiple times could result in earlier requests being overwritten or lost. A return code of 0 shall indicate the state change was successfully initiated. A return code of 3 shall indicate that the state transition cannot complete within the interval specified by the TimeoutPeriod parameter. A return code of 4096 (0x1000) shall indicate the state change was successfully initiated, a ConcreteJob has been created, and its reference returned in the output parameter Job. Any other return code indicates an error condition. |
896 | Unknown or Unspecified Error | Unknown or Unspecified Error |
897 | Cannot complete within Timeout Period | Cannot complete within Timeout Period |
898 | Method Parameters Checked - Job Started | Method Parameters Checked - Job Started |
899 | The state requested for the element. This information will be placed into the RequestedState property of the instance if the return code of the RequestStateChange method is 0 (\'Completed with No Error\'), or 4096 (0x1000) (\'Job Started\'). Refer to the description of the EnabledState and RequestedState properties for the detailed explanations of the RequestedState values. | The state requested for the element. This information will be placed into the RequestedState property of the instance if the return code of the RequestStateChange method is 0 (\'Completed with No Error\'), or 4096 (0x1000) (\'Job Started\'). Refer to the description of the EnabledState and RequestedState properties for the detailed explanations of the RequestedState values. |
900 | May contain a reference to the ConcreteJob created to track the state transition initiated by the method invocation. | May contain a reference to the ConcreteJob created to track the state transition initiated by the method invocation. |
901 | A timeout period that specifies the maximum amount of time that the client expects the transition to the new state to take. The interval format must be used to specify the TimeoutPeriod. A value of 0 or a null parameter indicates that the client has no time requirements for the transition. If this property does not contain 0 or null and the implementation does not support this parameter, a return code of \'Use Of Timeout Parameter Not Supported\' shall be returned. |
A timeout period that specifies the maximum amount of time that the client expects the transition to the new state to take. The interval format must be used to specify the TimeoutPeriod. A value of 0 or a null parameter indicates that the client has no time requirements for the transition. If this property does not contain 0 or null and the implementation does not support this parameter, a return code of \'Use Of Timeout Parameter Not Supported\' shall be returned. |
902 | This class extends LogicalElement to abstract the concept of an element that is enabled and disabled, such as a LogicalDevice or a ServiceAccessPoint. | This class extends LogicalElement to abstract the concept of an element that is enabled and disabled, such as a LogicalDevice or a ServiceAccessPoint. |
903 | The Name property uniquely identifies the ServiceAccessPoint and provides an indication of the functionality that is managed. This functionality is described in more detail in the Description property of the object. | The Name property uniquely identifies the ServiceAccessPoint and provides an indication of the functionality that is managed. This functionality is described in more detail in the Description property of the object. |
904 | The CreationClassName of the scoping System. | The CreationClassName of the scoping System. |
905 | The Name of the scoping System. | The Name of the scoping System. |
906 | CIM_ServiceAccessPoint represents the ability to utilize or invoke a Service. Access points represent that a Service is made available for other entities to use. | CIM_ServiceAccessPoint represents the ability to utilize or invoke a Service. Access points represent that a Service is made available for other entities to use. |
907 | A string that identifies this ProtocolEndpoint with either a port or an interface on a device. To ensure uniqueness, the Name property should be prepended or appended with information from the Type or OtherTypeDescription properties. The method selected is described in the NameFormat property of this class. | A string that identifies this ProtocolEndpoint with either a port or an interface on a device. To ensure uniqueness, the Name property should be prepended or appended with information from the Type or OtherTypeDescription properties. The method selected is described in the NameFormat property of this class. |
908 | NameFormat contains the naming heuristic that is selected to ensure that the value of the Name property is unique. For example, you might choose to prepend the name of the port or interface with the Type of ProtocolEndpoint (for example, IPv4) of this instance followed by an underscore. | NameFormat contains the naming heuristic that is selected to ensure that the value of the Name property is unique. For example, you might choose to prepend the name of the port or interface with the Type of ProtocolEndpoint (for example, IPv4) of this instance followed by an underscore. |
909 | Note: This property is deprecated in lieu of the ProtocolIFType enumeration. This deprecation was done to have better alignment between the IF-MIB of the IETF and this CIM class. Deprecated description: ProtocolType is an enumeration that provides information to categorize and classify different instances of this class. For most instances, information in this enumeration and the definition of the subclass overlap. However, there are several cases where a specific subclass of ProtocolEndpoint is not required (for example, there is no Fibre Channel subclass of ProtocolEndpoint). Therefore, this property is needed to define the type of Endpoint. |
Note: This property is deprecated in lieu of the ProtocolIFType enumeration. This deprecation was done to have better alignment between the IF-MIB of the IETF and this CIM class. Deprecated description: ProtocolType is an enumeration that provides information to categorize and classify different instances of this class. For most instances, information in this enumeration and the definition of the subclass overlap. However, there are several cases where a specific subclass of ProtocolEndpoint is not required (for example, there is no Fibre Channel subclass of ProtocolEndpoint). Therefore, this property is needed to define the type of Endpoint. |
910 | IPX | IPX |
911 | AppleTalk | AppleTalk |
912 | DECnet | DECnet |
913 | SNA | SNA |
914 | CONP | CONP |
915 | CLNP | CLNP |
916 | VINES | VINES |
917 | XNS | XNS |
918 | ATM | ATM |
919 | Frame Relay | Frame Relay |
920 | Ethernet | Ethernet |
921 | TokenRing | TokenRing |
922 | FDDI | FDDI |
923 | Infiniband | Infiniband |
924 | Fibre Channel | Fibre Channel |
925 | ISDN BRI Endpoint | ISDN BRI Endpoint |
926 | ISDN B Channel Endpoint | ISDN B Channel Endpoint |
927 | ISDN D Channel Endpoint | ISDN D Channel Endpoint |
928 | IPv4/v6 | IPv4/v6 |
929 | BGP | BGP |
930 | OSPF | OSPF |
931 | MPLS | MPLS |
932 | UDP | UDP |
933 | TCP | TCP |
934 | ProtocolIFType is an enumeration that is synchronized with the IANA ifType MIB. The ifType MIB is maintained at the URL, http://www.iana.org/assignments/ianaiftype-mib. Also, additional values defined by the DMTF are included. The property is used to categorize and classify instances of the ProtocolEndpoint class. Note that if the ProtocolIFType is set to 1 (Other), then the type information should be provided in the OtherTypeDescription string property. | ProtocolIFType is an enumeration that is synchronized with the IANA ifType MIB. The ifType MIB is maintained at the URL, http://www.iana.org/assignments/ianaiftype-mib. Also, additional values defined by the DMTF are included. The property is used to categorize and classify instances of the ProtocolEndpoint class. Note that if the ProtocolIFType is set to 1 (Other), then the type information should be provided in the OtherTypeDescription string property. |
935 | Regular 1822 | Regular 1822 |
936 | HDH 1822 | HDH 1822 |
937 | DDN X.25 | DDN X.25 |
938 | RFC877 X.25 | RFC877 X.25 |
939 | Ethernet CSMA/CD | Ethernet CSMA/CD |
940 | ISO 802.3 CSMA/CD | ISO 802.3 CSMA/CD |
941 | ISO 802.4 Token Bus | ISO 802.4 Token Bus |
942 | ISO 802.5 Token Ring | ISO 802.5 Token Ring |
943 | ISO 802.6 MAN | ISO 802.6 MAN |
944 | StarLAN | StarLAN |
945 | Proteon 10Mbit | Proteon 10Mbit |
946 | Proteon 80Mbit | Proteon 80Mbit |
947 | HyperChannel | HyperChannel |
948 | LAP-B | LAP-B |
949 | SDLC | SDLC |
950 | DS1 | DS1 |
951 | E1 | E1 |
952 | Basic ISDN | Basic ISDN |
953 | Primary ISDN | Primary ISDN |
954 | Proprietary Point-to-Point Serial | Proprietary Point-to-Point Serial |
955 | PPP | PPP |
956 | Software Loopback | Software Loopback |
957 | EON | EON |
958 | Ethernet 3Mbit | Ethernet 3Mbit |
959 | NSIP | NSIP |
960 | SLIP | SLIP |
961 | Ultra | Ultra |
962 | DS3 | DS3 |
963 | SIP | SIP |
964 | RS-232 | RS-232 |
965 | Parallel | Parallel |
966 | ARCNet | ARCNet |
967 | ARCNet Plus | ARCNet Plus |
968 | MIO X.25 | MIO X.25 |
969 | SONET | SONET |
970 | X.25 PLE | X.25 PLE |
971 | ISO 802.211c | ISO 802.211c |
972 | LocalTalk | LocalTalk |
973 | SMDS DXI | SMDS DXI |
974 | Frame Relay Service | Frame Relay Service |
975 | V.35 | V.35 |
976 | HSSI | HSSI |
977 | HIPPI | HIPPI |
978 | Modem | Modem |
979 | AAL5 | AAL5 |
980 | SONET Path | SONET Path |
981 | SONET VT | SONET VT |
982 | SMDS ICIP | SMDS ICIP |
983 | Proprietary Virtual/Internal | Proprietary Virtual/Internal |
984 | Proprietary Multiplexor | Proprietary Multiplexor |
985 | IEEE 802.12 | IEEE 802.12 |
986 | HIPPI Interface | HIPPI Interface |
987 | Frame Relay Interconnect | Frame Relay Interconnect |
988 | ATM Emulated LAN for 802.3 | ATM Emulated LAN for 802.3 |
989 | ATM Emulated LAN for 802.5 | ATM Emulated LAN for 802.5 |
990 | ATM Emulated Circuit | ATM Emulated Circuit |
991 | Fast Ethernet (100BaseT) | Fast Ethernet (100BaseT) |
992 | ISDN | ISDN |
993 | V.11 | V.11 |
994 | V.36 | V.36 |
995 | G703 at 64K | G703 at 64K |
996 | G703 at 2Mb | G703 at 2Mb |
997 | QLLC | QLLC |
998 | Fast Ethernet 100BaseFX | Fast Ethernet 100BaseFX |
999 | Channel | Channel |
1000 | IEEE 802.11 | IEEE 802.11 |
1001 | IBM 260/370 OEMI Channel | IBM 260/370 OEMI Channel |
1002 | ESCON | ESCON |
1003 | Data Link Switching | Data Link Switching |
1004 | ISDN S/T Interface | ISDN S/T Interface |
1005 | ISDN U Interface | ISDN U Interface |
1006 | LAP-D | LAP-D |
1007 | IP Switch | IP Switch |
1008 | Remote Source Route Bridging | Remote Source Route Bridging |
1009 | ATM Logical | ATM Logical |
1010 | DS0 | DS0 |
1011 | DS0 Bundle | DS0 Bundle |
1012 | BSC | BSC |
1013 | Async | Async |
1014 | Combat Net Radio | Combat Net Radio |
1015 | ISO 802.5r DTR | ISO 802.5r DTR |
1016 | Ext Pos Loc Report System | Ext Pos Loc Report System |
1017 | AppleTalk Remote Access Protocol | AppleTalk Remote Access Protocol |
1018 | Proprietary Connectionless | Proprietary Connectionless |
1019 | ITU X.29 Host PAD | ITU X.29 Host PAD |
1020 | ITU X.3 Terminal PAD | ITU X.3 Terminal PAD |
1021 | Frame Relay MPI | Frame Relay MPI |
1022 | ITU X.213 | ITU X.213 |
1023 | ADSL | ADSL |
1024 | RADSL | RADSL |
1025 | SDSL | SDSL |
1026 | VDSL | VDSL |
1027 | ISO 802.5 CRFP | ISO 802.5 CRFP |
1028 | Myrinet | Myrinet |
1029 | Voice Receive and Transmit | Voice Receive and Transmit |
1030 | Voice Foreign Exchange Office | Voice Foreign Exchange Office |
1031 | Voice Foreign Exchange Service | Voice Foreign Exchange Service |
1032 | Voice Encapsulation | Voice Encapsulation |
1033 | Voice over IP | Voice over IP |
1034 | ATM DXI | ATM DXI |
1035 | ATM FUNI | ATM FUNI |
1036 | ATM IMA | ATM IMA |
1037 | PPP Multilink Bundle | PPP Multilink Bundle |
1038 | IP over CDLC | IP over CDLC |
1039 | IP over CLAW | IP over CLAW |
1040 | Stack to Stack | Stack to Stack |
1041 | Virtual IP Address | Virtual IP Address |
1042 | MPC | MPC |
1043 | IP over ATM | IP over ATM |
1044 | ISO 802.5j Fibre Token Ring | ISO 802.5j Fibre Token Ring |
1045 | TDLC | TDLC |
1046 | Gigabit Ethernet | Gigabit Ethernet |
1047 | HDLC | HDLC |
1048 | LAP-F | LAP-F |
1049 | V.37 | V.37 |
1050 | X.25 MLP | X.25 MLP |
1051 | X.25 Hunt Group | X.25 Hunt Group |
1052 | Transp HDLC | Transp HDLC |
1053 | Interleave Channel | Interleave Channel |
1054 | FAST Channel | FAST Channel |
1055 | IP (for APPN HPR in IP Networks) | IP (for APPN HPR in IP Networks) |
1056 | CATV MAC Layer | CATV MAC Layer |
1057 | CATV Downstream | CATV Downstream |
1058 | CATV Upstream | CATV Upstream |
1059 | Avalon 12MPP Switch | Avalon 12MPP Switch |
1060 | Tunnel | Tunnel |
1061 | Coffee | Coffee |
1062 | Circuit Emulation Service | Circuit Emulation Service |
1063 | ATM SubInterface | ATM SubInterface |
1064 | Layer 2 VLAN using 802.1Q | Layer 2 VLAN using 802.1Q |
1065 | Layer 3 VLAN using IP | Layer 3 VLAN using IP |
1066 | Layer 3 VLAN using IPX | Layer 3 VLAN using IPX |
1067 | Digital Power Line | Digital Power Line |
1068 | Multimedia Mail over IP | Multimedia Mail over IP |
1069 | DTM | DTM |
1070 | DCN | DCN |
1071 | IP Forwarding | IP Forwarding |
1072 | MSDSL | MSDSL |
1073 | IEEE 1394 | IEEE 1394 |
1074 | IF-GSN/HIPPI-6400 | IF-GSN/HIPPI-6400 |
1075 | DVB-RCC MAC Layer | DVB-RCC MAC Layer |
1076 | DVB-RCC Downstream | DVB-RCC Downstream |
1077 | DVB-RCC Upstream | DVB-RCC Upstream |
1078 | ATM Virtual | ATM Virtual |
1079 | MPLS Tunnel | MPLS Tunnel |
1080 | SRP | SRP |
1081 | Voice over ATM | Voice over ATM |
1082 | Voice over Frame Relay | Voice over Frame Relay |
1083 | ISDL | ISDL |
1084 | Composite Link | Composite Link |
1085 | SS7 Signaling Link | SS7 Signaling Link |
1086 | Proprietary P2P Wireless | Proprietary P2P Wireless |
1087 | Frame Forward | Frame Forward |
1088 | RFC1483 Multiprotocol over ATM | RFC1483 Multiprotocol over ATM |
1089 | USB | USB |
1090 | IEEE 802.3ad Link Aggregate | IEEE 802.3ad Link Aggregate |
1091 | BGP Policy Accounting | BGP Policy Accounting |
1092 | FRF .16 Multilink FR | FRF .16 Multilink FR |
1093 | H.323 Gatekeeper | H.323 Gatekeeper |
1094 | H.323 Proxy | H.323 Proxy |
1095 | Multi-Frequency Signaling Link | Multi-Frequency Signaling Link |
1096 | HDSL-2 | HDSL-2 |
1097 | S-HDSL | S-HDSL |
1098 | DS1 Facility Data Link | DS1 Facility Data Link |
1099 | Packet over SONET/SDH | Packet over SONET/SDH |
1100 | DVB-ASI Input | DVB-ASI Input |
1101 | DVB-ASI Output | DVB-ASI Output |
1102 | Power Line | Power Line |
1103 | Non Facility Associated Signaling | Non Facility Associated Signaling |
1104 | TR008 | TR008 |
1105 | GR303 RDT | GR303 RDT |
1106 | GR303 IDT | GR303 IDT |
1107 | ISUP | ISUP |
1108 | Proprietary Wireless MAC Layer | Proprietary Wireless MAC Layer |
1109 | Proprietary Wireless Downstream | Proprietary Wireless Downstream |
1110 | Proprietary Wireless Upstream | Proprietary Wireless Upstream |
1111 | HIPERLAN Type 2 | HIPERLAN Type 2 |
1112 | Proprietary Broadband Wireless Access Point to Mulipoint | Proprietary Broadband Wireless Access Point to Mulipoint |
1113 | SONET Overhead Channel | SONET Overhead Channel |
1114 | Digital Wrapper Overhead Channel | Digital Wrapper Overhead Channel |
1115 | ATM Adaptation Layer 2 | ATM Adaptation Layer 2 |
1116 | Radio MAC | Radio MAC |
1117 | ATM Radio | ATM Radio |
1118 | Inter Machine Trunk | Inter Machine Trunk |
1119 | MVL DSL | MVL DSL |
1120 | Long Read DSL | Long Read DSL |
1121 | Frame Relay DLCI Endpoint | Frame Relay DLCI Endpoint |
1122 | ATM VCI Endpoint | ATM VCI Endpoint |
1123 | Optical Channel | Optical Channel |
1124 | Optical Transport | Optical Transport |
1125 | Proprietary ATM | Proprietary ATM |
1126 | Voice over Cable | Voice over Cable |
1127 | TE Link | TE Link |
1128 | Q.2931 | Q.2931 |
1129 | Virtual Trunk Group | Virtual Trunk Group |
1130 | SIP Trunk Group | SIP Trunk Group |
1131 | SIP Signaling | SIP Signaling |
1132 | CATV Upstream Channel | CATV Upstream Channel |
1133 | Econet | Econet |
1134 | FSAN 155Mb PON | FSAN 155Mb PON |
1135 | FSAN 622Mb PON | FSAN 622Mb PON |
1136 | Transparent Bridge | Transparent Bridge |
1137 | Line Group | Line Group |
1138 | Voice E&M Feature Group | Voice E&M Feature Group |
1139 | Voice FGD EANA | Voice FGD EANA |
1140 | Voice DID | Voice DID |
1141 | MPEG Transport | MPEG Transport |
1142 | 6To4 | 6To4 |
1143 | GTP | GTP |
1144 | Paradyne EtherLoop 1 | Paradyne EtherLoop 1 |
1145 | Paradyne EtherLoop 2 | Paradyne EtherLoop 2 |
1146 | Optical Channel Group | Optical Channel Group |
1147 | HomePNA | HomePNA |
1148 | GFP | GFP |
1149 | ciscoISLvlan | ciscoISLvlan |
1150 | actelisMetaLOOP | actelisMetaLOOP |
1151 | Fcip | Fcip |
1152 | IANA Reserved | IANA Reserved |
1153 | 802.11a | 802.11a |
1154 | 802.11b | 802.11b |
1155 | 802.11g | 802.11g |
1156 | 802.11h | 802.11h |
1157 | NFS | NFS |
1158 | CIFS | CIFS |
1159 | DAFS | DAFS |
1160 | WebDAV | WebDAV |
1161 | HTTP | HTTP |
1162 | FTP | FTP |
1163 | NDMP | NDMP |
1164 | Telnet | Telnet |
1165 | SSH | SSH |
1166 | SM CLP | SM CLP |
1167 | SMTP | SMTP |
1168 | LDAP | LDAP |
1169 | RDP | RDP |
1170 | HTTPS | HTTPS |
1171 | A string that describes the type of ProtocolEndpoint when the Type property of this class (or any of its subclasses) is set to 1 (Other). This property should be set to null when the Type property is any value other than 1. | A string that describes the type of ProtocolEndpoint when the Type property of this class (or any of its subclasses) is set to 1 (Other). This property should be set to null when the Type property is any value other than 1. |
1172 | A communication point from which data can be sent or received. ProtocolEndpoints link system or computer interfaces to LogicalNetworks. | A communication point from which data can be sent or received. ProtocolEndpoints link system or computer interfaces to LogicalNetworks. |
1173 | 2.15.0 | 2.15.0 |
1174 | InstallDate records when the SA (and its endpoint) was created. | InstallDate records when the SA (and its endpoint) was created. |
1175 | LifetimeSeconds specifies the maximum time that the SA will be considered valid after it has been created. A value of zero indicates that the default of 8 hours be used. A non-zero value indicates the seconds lifetime. | LifetimeSeconds specifies the maximum time that the SA will be considered valid after it has been created. A value of zero indicates that the default of 8 hours be used. A non-zero value indicates the seconds lifetime. |
1176 | RefreshThresholdSecondsPercentage is the lifetime percentage after which a new SA should be acquired, before the existing SA expires. A random period may be added to a calculated threshold to reduce network thrashing. | RefreshThresholdSecondsPercentage is the lifetime percentage after which a new SA should be acquired, before the existing SA expires. A random period may be added to a calculated threshold to reduce network thrashing. |
1177 | IdleDurationSeconds specifies how long the SA can be idle before it is deleted. The default value, 0, indicates that there is no idle timeout period. | IdleDurationSeconds specifies how long the SA can be idle before it is deleted. The default value, 0, indicates that there is no idle timeout period. |
1178 | LifetimeKilobytes specifies the maximum number of kilobytes of data traffic to be protected by the SA. A value of zero (the default) indicates that there should be no maximum kilobyte lifetime. A non-zero value specifies the desired kilobyte lifetime. The SA is deleted when the LifetimeKilobyte value is exceeded. | LifetimeKilobytes specifies the maximum number of kilobytes of data traffic to be protected by the SA. A value of zero (the default) indicates that there should be no maximum kilobyte lifetime. A non-zero value specifies the desired kilobyte lifetime. The SA is deleted when the LifetimeKilobyte value is exceeded. |
1179 | RefreshThresholdKbytesPercentage is the lifetime percentage of kilobytes processed, at which a new SA should be acquired. A random value may be added to the calculated threshold to reduce network thrashing. | RefreshThresholdKbytesPercentage is the lifetime percentage of kilobytes processed, at which a new SA should be acquired. A random value may be added to the calculated threshold to reduce network thrashing. |
1180 | PacketLoggingActive causes a log to be kept of traffic processed by the SAEndpoint. | PacketLoggingActive causes a log to be kept of traffic processed by the SAEndpoint. |
1181 | SecurityAssociationEndpoint (SAEndpoint) represents the endpoint of a secure connection. This is typically an IP connection, although the model allows more flexibility than just IP. The SecurityAssociationEndpoint is tied to an IPProtocolEndpoint (or possibly other endpoint) using the LogicalIdentity association. Note that an endpoint is defined at both ends of the connection. | SecurityAssociationEndpoint (SAEndpoint) represents the endpoint of a secure connection. This is typically an IP connection, although the model allows more flexibility than just IP. The SecurityAssociationEndpoint is tied to an IPProtocolEndpoint (or possibly other endpoint) using the LogicalIdentity association. Note that an endpoint is defined at both ends of the connection. |
1182 | Identifier of the IKE phase 1 negotiation initiator. Combined with the ResponderCookie, this value, in string form, may be used to construct the value of the key field \'Name\', inherited from ServiceAccessPoint. | Identifier of the IKE phase 1 negotiation initiator. Combined with the ResponderCookie, this value, in string form, may be used to construct the value of the key field \'Name\', inherited from ServiceAccessPoint. |
1183 | Identifier of the IKE phase 1 negotiation responder. Combined with the InitiatorCookie, this value, in string form, may be used to construct the value of the key field \'Name\', inherited from ServiceAccessPoint. | Identifier of the IKE phase 1 negotiation responder. Combined with the InitiatorCookie, this value, in string form, may be used to construct the value of the key field \'Name\', inherited from ServiceAccessPoint. |
1184 | CipherAlgorithm is an enumeration that specifies the encryption algorithm used by the IKESAEndpoint. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account. | CipherAlgorithm is an enumeration that specifies the encryption algorithm used by the IKESAEndpoint. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account. |
1185 | HashAlgorithm is an enumeration that specifies the hash function used by the IKESAEndpoint. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account. | HashAlgorithm is an enumeration that specifies the hash function used by the IKESAEndpoint. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account. |
1186 | AuthenticationMethod is an enumeration that specifies the operation of the IKESAEndpoint. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account. | AuthenticationMethod is an enumeration that specifies the operation of the IKESAEndpoint. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list, since the values of Unknown and Other are taken into account. |
1187 | GroupId specifies the key exchange group ID. If the GroupID number is from the vendor-specific range (32768-65535), the VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\'768 bit prime\', Group 2=\'1024 bit prime\', Group 3= \'Elliptic Curve Group with 155 bit field element\', Group 4= \'Large Elliptic Curve Group with 185 bit field element\', and Group 5=\'1536 bit prime\'. | GroupId specifies the key exchange group ID. If the GroupID number is from the vendor-specific range (32768-65535), the VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1=\'768 bit prime\', Group 2=\'1024 bit prime\', Group 3= \'Elliptic Curve Group with 155 bit field element\', Group 4= \'Large Elliptic Curve Group with 185 bit field element\', and Group 5=\'1536 bit prime\'. |
1188 | IKESAEndpoint is created in the first phase of SA negotiation and protects the key negotiation traffic. This endpoint is only created when IKE is the key exchange protocol. Other protocols and their endpoints will be defined in a future release. | IKESAEndpoint is created in the first phase of SA negotiation and protects the key negotiation traffic. This endpoint is only created when IKE is the key exchange protocol. Other protocols and their endpoints will be defined in a future release. |
1189 | The actual encryption algorithm used by the SA. | The actual encryption algorithm used by the SA. |
1190 | The actual hash algorithm used by the SA. | The actual hash algorithm used by the SA. |
1191 | The property GroupId gives the phase 1 security association key exchange group. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve Group with 155 bit field element', Group 4= 'Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'. Note that only groups 1, 2, 14, 19, 20, and 24 are acceptable in Windows 8. | The property GroupId gives the phase 1 security association key exchange group. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve Group with 155 bit field element', Group 4= 'Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'. Note that only groups 1, 2, 14, 19, 20, and 24 are acceptable in Windows 8. |
1192 | The Key Module used to negotiate the SA and its child SA's. | The Key Module used to negotiate the SA and its child SA's. |
1193 | The address of the local endpoint the SA applies to. | The address of the local endpoint the SA applies to. |
1194 | The address of the remote endpoint the SA applies to. | The address of the remote endpoint the SA applies to. |
1195 | The maximum number of Quick Mode SA's that may be established with this SA before it must be renegotiated. | The maximum number of Quick Mode SA's that may be established with this SA before it must be renegotiated. |
1196 | The first authentication local identity | The first authentication local identity |
1197 | The second authentication local identity | The second authentication local identity |
1198 | The first authentication remote identity | The first authentication remote identity |
1199 | The second authentication remote identity | The second authentication remote identity |
1200 | Extensions to GroupId | Extensions to GroupId |
1201 | Filter ID from the QM policy matching the extended mode filter | Filter ID from the QM policy matching the extended mode filter |
1202 | Local UDP encapsulation port for NAT-T | Local UDP encapsulation port for NAT-T |
1203 | Remote UDP encapsulation port for NAT-T | Remote UDP encapsulation port for NAT-T |
1204 | GUID of the main mode policy provider context corresponding to this SA | GUID of the main mode policy provider context corresponding to this SA |
1205 | ID/Handle to virtual interface tunneling state | ID/Handle to virtual interface tunneling state |
1206 | A MainMode SA. | A MainMode SA. |
1207 | SPI contains the Security Parameter Index of the SA. This value in string form may also be used in the key field \'Name\' inherited from ServiceAccessPoint. | SPI contains the Security Parameter Index of the SA. This value in string form may also be used in the key field \'Name\' inherited from ServiceAccessPoint. |
1208 | InboundDirection specifies whether the SA applies to inbound (TRUE) or outbound (FALSE) traffic. | InboundDirection specifies whether the SA applies to inbound (TRUE) or outbound (FALSE) traffic. |
1209 | EncapsulationMode indicates whether the IPsecSAEndpoint uses transport or tunnel encapsulation. | EncapsulationMode indicates whether the IPsecSAEndpoint uses transport or tunnel encapsulation. |
1210 | Transport | Transport |
1211 | DFHandling controls how the \'Don\'t Fragment\' bit is managed by the IPsecSAEndpoint. | DFHandling controls how the \'Don\'t Fragment\' bit is managed by the IPsecSAEndpoint. |
1212 | Copy from Internal to External IP Header | Copy from Internal to External IP Header |
1213 | Set DF Bit in External Header to 1 | Set DF Bit in External Header to 1 |
1214 | Set DF Bit in External Header to 0 | Set DF Bit in External Header to 0 |
1215 | PFSInUse indicates whether perfect forward secrecy is required when refreshing keys. | PFSInUse indicates whether perfect forward secrecy is required when refreshing keys. |
1216 | IPsecSAEndpoints are types of SecurityAssociationEndpoints representing both negotiated and static SAs that correspond to AH, ESP, or IPCOMP transforms. | IPsecSAEndpoints are types of SecurityAssociationEndpoints representing both negotiated and static SAs that correspond to AH, ESP, or IPCOMP transforms. |
1217 | The local machine port the SA applies to, or 0 for all ports. | The local machine port the SA applies to, or 0 for all ports. |
1218 | The remote machine port the SA applies to, or 0 for all ports. | The remote machine port the SA applies to, or 0 for all ports. |
1219 | If traffic type is transport mode, this is the LUID of the FWPS transport layer filter corresponding to this traffic. If traffic type is tunnel mode, this is the LUID of the associated QM policy. In tunnel mode, this represents the QM traffic selectors for the tunnel | If traffic type is transport mode, this is the LUID of the FWPS transport layer filter corresponding to this traffic. If traffic type is tunnel mode, this is the LUID of the associated QM policy. In tunnel mode, this represents the QM traffic selectors for the tunnel |
1220 | IP protocol for this traffic. Only specified if the traffic is more general than the matching filter | IP protocol for this traffic. Only specified if the traffic is more general than the matching filter |
1221 | Local interface alias | Local interface alias |
1222 | The profile ID corresponding to the actual interface that the traffic is going out on or coming in from the wire. | The profile ID corresponding to the actual interface that the traffic is going out on or coming in from the wire. |
1223 | Local Udp encapsulation port for NAT traversal | Local Udp encapsulation port for NAT traversal |
1224 | Remote Udp encapsulation port for NAT traversal | Remote Udp encapsulation port for NAT traversal |
1225 | SA Flags | SA Flags |
1226 | NdSecure | NdSecure |
1227 | NdBoundary | NdBoundary |
1228 | NdPeerNatBoundary | NdPeerNatBoundary |
1229 | GuaranteeEncryption | GuaranteeEncryption |
1230 | NLB | NLB |
1231 | NoMachineLuidVerify | NoMachineLuidVerify |
1232 | NoImpersonationLuidVerify | NoImpersonationLuidVerify |
1233 | NoExplicitCredMatch | NoExplicitCredMatch |
1234 | AllowNullTargetNameMatch | AllowNullTargetNameMatch |
1235 | ClearDfOnTunnel | ClearDfOnTunnel |
1236 | AssumeUdpContextOutbound | AssumeUdpContextOutbound |
1237 | NdPeerBoundary | NdPeerBoundary |
1238 | SuppressDuplicateDeletion | SuppressDuplicateDeletion |
1239 | PeerSupportsGuaranteeEncryption | PeerSupportsGuaranteeEncryption |
1240 | ForceInboundConnections | ForceInboundConnections |
1241 | ForceOutboundConnections | ForceOutboundConnections |
1242 | ForwardPathInitiator | ForwardPathInitiator |
1243 | Name of the matching transport filter | Name of the matching transport filter |
1244 | Id of the associated Main Mode | Id of the associated Main Mode |
1245 | First Transform type | First Transform type |
1246 | Ah | Ah |
1247 | Esp-auth | Esp-auth |
1248 | Esp-cipher | Esp-cipher |
1249 | Esp-auth-and-cipher | Esp-auth-and-cipher |
1250 | Esp-auth-firewall | Esp-auth-firewall |
1251 | The integrity algorithm for the first operation | The integrity algorithm for the first operation |
1252 | The cipher algorithm for the first operation | The cipher algorithm for the first operation |
1253 | Second Transform type | Second Transform type |
1254 | The integrity algorithm for the second operation | The integrity algorithm for the second operation |
1255 | The cipher algorithm for the second operation | The cipher algorithm for the second operation |
1256 | The spi for the first operation | The spi for the first operation |
1257 | Private address of peer behind NAT | Private address of peer behind NAT |
1258 | Perfect forward secrecy group id | Perfect forward secrecy group id |
1259 | Same as Main Mode | Same as Main Mode |
1260 | LUID of the FWPS_LAYER_IPSEC_XX layer FWPS filter corresponding to this SA | LUID of the FWPS_LAYER_IPSEC_XX layer FWPS filter corresponding to this SA |
1261 | Liftime by number of packets | Liftime by number of packets |
1262 | Timeout after which the IPsec SA should stop accepting packets coming in the clear in negotiation discovery mode | Timeout after which the IPsec SA should stop accepting packets coming in the clear in negotiation discovery mode |
1263 | Network Access Protection context | Network Access Protection context |
1264 | Identifier for tiebraking simultaneous SAs | Identifier for tiebraking simultaneous SAs |
1265 | ID/Handle to Virtual-IF tunnel state | ID/Handle to Virtual-IF tunnel state |
1266 | ID/Handle to Virtual-IF traffic selector(s) | ID/Handle to Virtual-IF traffic selector(s) |
1267 | Main Mode target SPN | Main Mode target SPN |
1268 | Extended Mode target SPN | Extended Mode target SPN |
1269 | Optional handle to explicit credentials | Optional handle to explicit credentials |
1270 | A Quick Mode SA. | A Quick Mode SA. |
1271 | Antecedent represents the independent object in this association. | Antecedent represents the independent object in this association. |
1272 | Dependent represents the object that is dependent on the Antecedent. | Dependent represents the object that is dependent on the Antecedent. |
1273 | CIM_Dependency is a generic association used to establish dependency relationships between ManagedElements. | CIM_Dependency is a generic association used to establish dependency relationships between ManagedElements. |
1274 | Phase 1 SAEndpoint that protected the negotiation of the phase 2 Security Association. An example of a phase 1 endpoint is an IKESAEndpoint. | Phase 1 SAEndpoint that protected the negotiation of the phase 2 Security Association. An example of a phase 1 endpoint is an IKESAEndpoint. |
1275 | The phase 2 SAEndpoint. | The phase 2 SAEndpoint. |
1276 | Phase1SAUsedForPhase2 associates a phase 1 endpoint (such as an IKESAEndpoint) with an IPsecSAEndpoint that was negotiated using that phase 1 Security Association. | Phase1SAUsedForPhase2 associates a phase 1 endpoint (such as an IKESAEndpoint) with an IPsecSAEndpoint that was negotiated using that phase 1 Security Association. |
1277 | Read a GPO, and cache results locally | Read a GPO, and cache results locally |
1278 | Output GPO Session identifier | Output GPO Session identifier |
1279 | Write the local cached GPO info back to AD | Write the local cached GPO info back to AD |
1280 | This class does not have any instances. It is used to manage locally-cached Group Policy Objects. | This class does not have any instances. It is used to manage locally-cached Group Policy Objects. |
0x1 | The IPsec DoSP settings are corrupt for the NetIPsecDoSPSetting WMI Object with name: %1Please use %2 to restore them. | The IPsec DoSP settings are corrupt for the NetIPsecDoSPSetting WMI Object with name: %1Please use %2 to restore them. |
0x2 | Fragment grouping must be enabled in order for DoSP settings to function correctly. Please run these commands to enable fragment grouping.%1%2 | Fragment grouping must be enabled in order for DoSP settings to function correctly. Please run these commands to enable fragment grouping.%1%2 |
0x3 | At least one server or domain name must be specified. | At least one server or domain name must be specified. |
0x4 | The specified EndpointType is invalid. | The specified EndpointType is invalid. |
0x5 | This edition of Windows does not support the requested functionality. | This edition of Windows does not support the requested functionality. |
0x6 | %1 %2: %3 | %1 %2: %3 |
0x7 | %1-%2 %3: %4 | %1-%2 %3: %4 |
0x8 | Cannot access the remote domain %1. This may be caused by not having credentials configured for multiple hops over the network. | Cannot access the remote domain %1. This may be caused by not having credentials configured for multiple hops over the network. |
0x9 | The OutboundSecurity/InboundSecurity combination is invalid. Acceptable values for transport mode are None/None, Request/Request, Request/Require, andRequire/Require. | The OutboundSecurity/InboundSecurity combination is invalid. Acceptable values for transport mode are None/None, Request/Request, Request/Require, andRequire/Require. |
0xA | The OutboundSecurity/InboundSecurity combination is invalid. Acceptable values for tunnel mode are None/None, Require/Require, and None/Require. | The OutboundSecurity/InboundSecurity combination is invalid. Acceptable values for tunnel mode are None/None, Require/Require, and None/Require. |
0xB | The Authentication/Encryption combination is invalid. Acceptable values are:NotRequired/NotRequiredRequired/RequiredRequired/NotRequiredRequired/DynamicNoEncap/NotRequired | The Authentication/Encryption combination is invalid. Acceptable values are:NotRequired/NotRequiredRequired/RequiredRequired/NotRequiredRequired/DynamicNoEncap/NotRequired |
0xC | The Key Module is invalid. | The Key Module is invalid. |
0xD | A local tunnel endpoint can only be an IPv4 address and/or an IPv6 address. Subnets and ranges are not allowed. | A local tunnel endpoint can only be an IPv4 address and/or an IPv6 address. Subnets and ranges are not allowed. |
0xE | A remote tunnel endpoint can only contain addresses. Subnets and ranges are not allowed. | A remote tunnel endpoint can only contain addresses. Subnets and ranges are not allowed. |
0xF | Tunnel mode properties cannot be applied to transport-mode rules. | Tunnel mode properties cannot be applied to transport-mode rules. |
0x10 | User and machine authentication may only be applied to Allow rules. | User and machine authentication may only be applied to Allow rules. |
0x11 | The run-time type of the field does not match the declared type. This indicates that theprovider is incorrectly registered in the WMI store. | The run-time type of the field does not match the declared type. This indicates that theprovider is incorrectly registered in the WMI store. |
0x12 | An error occurred while retrieving information about the Group Policy container from the Domain Controller. | An error occurred while retrieving information about the Group Policy container from the Domain Controller. |
0x13 | Invalid Parameter: %1 | Invalid Parameter: %1 |
0x14 | Unable to parse the GUID. | Unable to parse the GUID. |
0x15 | Unable to parse Platform string. The format is X[.Y][+], where X is the OS major version, and Y is anoptional minor version. + means \"or greater\". For example, these are valid platform strings: 6, 6.0, 6.0+ | Unable to parse Platform string. The format is X[.Y][+], where X is the OS major version, and Y is anoptional minor version. + means \"or greater\". For example, these are valid platform strings: 6, 6.0, 6.0+ |
0x16 | The address is invalid. Addresses may be specified as IP addresses, ranges, or subnets. Also, the following address keywords are allowed in certain places: LocalSubnet, DNS, DHCP, WINS, DefaultGateway, Internet, Intranet, IntranetRemoteAccess, PlayToDevice. Keywords can be restricted to IPv4 or IPv6 by appending a 4 or 6. | The address is invalid. Addresses may be specified as IP addresses, ranges, or subnets. Also, the following address keywords are allowed in certain places: LocalSubnet, DNS, DHCP, WINS, DefaultGateway, Internet, Intranet, IntranetRemoteAccess, PlayToDevice. Keywords can be restricted to IPv4 or IPv6 by appending a 4 or 6. |
0x17 | The port is invalid. When Protocol is TCP or UDP, individual ports or ranges are allowed. Also, the following port keywords are allowed on Firewall Rules: RPC, RPCEPMap, Teredo, IPHTTPSIn, IPHTTPSOut, PlayToDiscovery. | The port is invalid. When Protocol is TCP or UDP, individual ports or ranges are allowed. Also, the following port keywords are allowed on Firewall Rules: RPC, RPCEPMap, Teredo, IPHTTPSIn, IPHTTPSOut, PlayToDiscovery. |
0x18 | The protocol is invalid. | The protocol is invalid. |
0x19 | ICMP Type:Code pairs are only supported in Firewall rules. | ICMP Type:Code pairs are only supported in Firewall rules. |
0x1A | The default object %1 is not present in the current store. To find this object, execute the query against the %2. | The default object %1 is not present in the current store. To find this object, execute the query against the %2. |
0x1B | The specified interface was not found on the system. | The specified interface was not found on the system. |
0x1C | The ICMP type/code entry is invalid. When Protocol is ICMPv4 or ICMPv6, type:code pairs are allowed. | The ICMP type/code entry is invalid. When Protocol is ICMPv4 or ICMPv6, type:code pairs are allowed. |
0x1D | When specifying Auth or Crypto Sets, you must use the Name of the set. You cannot pass the object directly. | When specifying Auth or Crypto Sets, you must use the Name of the set. You cannot pass the object directly. |
0x1E | DynamicTransport is only valid for firewall rules. | DynamicTransport is only valid for firewall rules. |
0x1F | The key encoding is invalid. | The key encoding is invalid. |
0x20 | The cert validation level is invalid. | The cert validation level is invalid. |
0x21 | The IPsec NAT traversal setting is invalid. | The IPsec NAT traversal setting is invalid. |
0x22 | The ID is invalid. | The ID is invalid. |
0x23 | The packet queuing flags are invalid. | The packet queuing flags are invalid. |
0x24 | RemoteAddress must be specified. | RemoteAddress must be specified. |
0x25 | Both IP addresses must be from the same address family. | Both IP addresses must be from the same address family. |
File Description: | Network Management Value Objects |
File Version: | 10.0.15063.0 (WinBuild.160101.0800) |
Company Name: | Microsoft Corporation |
Internal Name: | wfascim.dll |
Legal Copyright: | © Microsoft Corporation. All rights reserved. |
Original Filename: | wfascim.dll.mui |
Product Name: | Microsoft® Windows® Operating System |
Product Version: | 10.0.15063.0 |
Translation: | 0x404, 1200 |