Class aaa:UserEp (CONCRETE)

Class ID:1491
Class Label: User Management
Encrypted: false - Exportable: true - Persistent: true - Configurable: true - Subject to Quota: Disabled - Abstraction Layer: Ambiguous Placement in the Model
Write Access: [aaa, admin]
Read Access: [aaa, admin]
Creatable/Deletable: no (see Container Mos for details)
Semantic Scope: Fabric
Semantic Scope Evaluation Rule: Parent
Monitoring Policy Source: Parent
Monitoring Flags : [ IsObservable: true, HasStats: false, HasFaults: false, HasHealth: true, HasEventRules: false ]

A user endpoint is a local user. A user is assigned a role determines the user's privileges, and belongs to a security domain, which determines the user's scope of control

Naming Rules
RN FORMAT: userext

    [1] PREFIX=userext


DN FORMAT: 

[1] uni/userext

                


Diagram

Super Mo: aaa:Definition,
Container Mos: pol:Uni (deletable:no),
Contained Mos: aaa:AppUser, aaa:AuthRealm, aaa:Banner, aaa:Domain, aaa:Ep, aaa:FabricSec, aaa:FactoryRole, aaa:LdapEp, aaa:LoginDomain, aaa:PingEp, aaa:PreLoginBanner, aaa:PwdProfile, aaa:PwdStrengthProfile, aaa:RadiusEp, aaa:Realm, aaa:RemoteUser, aaa:Role, aaa:RsaEp, aaa:SamlEp, aaa:TacacsPlusEp, aaa:User, aaa:UserConf, aaa:VMMCertificateRule, opflex:ODevEp, pki:Ep, tag:Annotation, tag:Tag,
Relations From: fabric:SecRelnHolder, aaa:SecRelnHolder,
Relations: aaa:RsToUserEp, aaa:RtResUserEp, aaa:RtToUserEp, aaa:RtUserEp,


Containers Hierarchies
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] ctx:Local The local Context.
 
 
 
 
 ├
[V] ctx:Application The context application.
 
 
 
 
 
 ├
[V] pol:Uni Represents policy definition/resolution universe.
 
 
 
 
 
 
 ├
[V] aaa:UserEp A user endpoint is a local user. A user is assigned a role determines the user's privileges, and belongs to a security domain, which determines the user's scope of control
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] pol:Uni Represents policy definition/resolution universe.
 
 ├
[V] aaa:UserEp A user endpoint is a local user. A user is assigned a role determines the user's privileges, and belongs to a security domain, which determines the user's scope of control


Contained Hierarchy
[V] aaa:UserEp A user endpoint is a local user. A user is assigned a role determines the user's privileges, and belongs to a security domain, which determines the user's scope of control
 ├
[V] aaa:AppUser 
 
 ├
[V] aaa:UserCert An AAA user certificate in X.509 format. This certificate is the RSA public key used for certificate-based REST API calls.
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:UserDomain The AAA domain to which the user belongs.
 
 
 ├
[V] aaa:UserRole The privilege bitmask of a user domain.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] aaa:AuthRealm An authentication realm provides authentication to verify the identity of an entity (person or device) accessing fabric devices. The authentication is based on the user ID and password combination provided by the entity trying to access the fabric. Authentication can be performed locally, using the local lookup database, or by remote, using one or more RADIUS or TACACS+ servers.
 
 ├
[V] aaa:ConsoleAuth The authentication configuration for console login.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:DefaultAuth The default authentication configuration for all login methods.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:RtResAuthRealm A target relation to an authentication realm. This object is managed internally and should not be modified by the user.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:Banner An abstract class that contains login banners and cannot be instantiated.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 ├
[V] aaa:Domain An AAA domain is the AAA security method for processing authentication requests.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:Ep The base class for an AAA endpoint is an abstract class and cannot be instantiated.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 ├
[V] aaa:FabricSec 
 
 ├
[V] aaa:RtCtrlrFipsMode 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:FactoryRole 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:LdapEp The global security management properties for LDAP endpoints and LDAP provider groups.
 
 ├
[V] aaa:LdapGroupMap  The MO represents an LDAP Group Map
 
 
 ├
[V] aaa:LdapGroupMapRuleRef  The MO points to actual Ldap Rules
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:LdapGroupMapRule  The MO represents an LDAP Group Map Rule The actual Map consisting of Domains and Roles
 
 
 ├
[V] aaa:UserDomain The AAA domain to which the user belongs.
 
 
 
 ├
[V] aaa:UserRole The privilege bitmask of a user domain.
 
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 
 ├
[V] tag:Tag 
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:LdapProvider An LDAP provider is a remote server supporting the LDAP protocol that will be used for authentication.
 
 
 ├
[V] aaa:RsProvToEpp 
 
 
 ├
[V] aaa:RsSecProvToEpg A source relation to the endpoint group through which the provider server is reachable.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:LdapProviderGroup An LDAP provider group is a group of remote servers supporting the LDAP protocol for authentication.
 
 
 ├
[V] aaa:ProviderRef A member of an AAA provider group.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:RtResLdapEp A target relation to the global security management properties for LDAP endpoints and LDAP provider groups. This object is managed internally and should not be modified by the user.
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:LoginDomain An AAA login domain for authentication and authorization. The AAA configuration can be configured per domain.
 
 ├
[V] aaa:DomainAuth The authentication configuration for a domain login.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:RtLoginDomain A target relation to an AAA login domain for authentication and authorization.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:PingEp 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:PreLoginBanner A GUI banner is the informational banner to be displayed before user login authentication.
 
 ├
[V] aaa:RtPreLoginBanner A target relation to the informational banner displayed before user login authentication.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:PwdProfile The password profile contains the information about password constraints that apply to all local users.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:PwdStrengthProfile 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:RadiusEp The RADIUS endpoint policy is the global security management properties for RADIUS endpoints and RADIUS provider groups.
 
 ├
[V] aaa:RadiusProvider A RADIUS provider is a remote server supporting the RADIUS protocol that will be used for authentication.
 
 
 ├
[V] aaa:RsProvToEpp 
 
 
 ├
[V] aaa:RsSecProvToEpg A source relation to the endpoint group through which the provider server is reachable.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:RadiusProviderGroup A RADIUS provider group is a group of remote servers supporting the RADIUS protocol for authentication.
 
 
 ├
[V] aaa:ProviderRef A member of an AAA provider group.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] aaa:RtAaaRadiusProviderGroup 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:RtResRadiusEp A target relation to the RADIUS endpoint policy. This object is managed internally and should not be modified by the user.
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:Realm The AAA realm is the security method for processing authentication and authorization requests. The realm allows the protected resources on the associated server to be partitioned into a set of protection spaces, each with its own authentication authorization database. This is an abstract class and cannot be instantiated.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 ├
[V] aaa:RemoteUser The remote user login account.
 
 ├
[V] aaa:UserDomain The AAA domain to which the user belongs.
 
 
 ├
[V] aaa:UserRole The privilege bitmask of a user domain.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:Role An AAA role is a set of attributes and privileges that describe what a user is authorized to perform.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:RsToUserEp 
 ├
[V] aaa:RsaEp 
 
 ├
[V] aaa:RsaProvider 
 
 
 ├
[V] aaa:RsProvToEpp 
 
 
 ├
[V] aaa:RsSecProvToEpg A source relation to the endpoint group through which the provider server is reachable.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:RsaProviderGroup  This MO represents a group of AAA RSA servers.
 
 
 ├
[V] aaa:ProviderRef A member of an AAA provider group.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:RtResRsaEp 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:RtResUserEp A target relation to the user endpoint. This object is managed internally and should not be modified by the user.
 ├
[V] aaa:RtToUserEp 
 ├
[V] aaa:RtUserEp A target relation to the user endpoint. This object is managed internally and should not be modified by the user.
 ├
[V] aaa:SamlEp 
 
 ├
[V] aaa:SamlEncCert 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:SamlProvider 
 
 
 ├
[V] aaa:RsProvToEpp 
 
 
 ├
[V] aaa:RsSecProvToEpg A source relation to the endpoint group through which the provider server is reachable.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:SamlProviderGroup  This MO represents a group of AAA SAML servers.
 
 
 ├
[V] aaa:ProviderRef A member of an AAA provider group.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:TacacsPlusEp The TACACS+ endpoint policy is the global security management properties for TACACS+ endpoints and TACACS+ provider groups.
 
 ├
[V] aaa:RtResTacacsPlusEp A target relation to the TACACS+ endpoint policy. This object is managed internally and should not be modified by the user.
 
 ├
[V] aaa:TacacsPlusProvider A TACACS+ provider is a remote server supporting the TACACS+ protocol that will be used for authentication.
 
 
 ├
[V] aaa:RsProvToEpp 
 
 
 ├
[V] aaa:RsSecProvToEpg A source relation to the endpoint group through which the provider server is reachable.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:TacacsPlusProviderGroup A TACACS+ provider group is a group of remote servers supporting the TACACS+ protocol for authentication.
 
 
 ├
[V] aaa:ProviderRef A member of an AAA provider group.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:User A locally-authenticated user account.
 
 ├
[V] aaa:SshAuth A user's public key in PEM format used for certificate-based login.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:UserCert An AAA user certificate in X.509 format. This certificate is the RSA public key used for certificate-based REST API calls.
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:UserData This object is managed internally and should not be modified by the user.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] aaa:UserDomain The AAA domain to which the user belongs.
 
 
 ├
[V] aaa:UserRole The privilege bitmask of a user domain.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:UserConf 
 
 ├
[V] aaa:UserSelf 
 
 
 ├
[V] aaa:UserPreferences  User preferences
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] aaa:UserProfile  User profile
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] aaa:VMMCertificateRule 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] opflex:ODevEp 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] opflex:ODevKeyRing 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] opflex:RtODevKeys  Association from one Ctrlr to opflex certs
 
 ├
[V] opflexp:OpflexpKeyRing 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 ├
[V] pki:Ep The PKI configuration, which includes key rings and certificate authority (CA) credentials. Components of the PKI are used to establish secure communications between two devices.
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] pki:CsyncPolicy Used to control csync timeout and enable/disable.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] pki:CsyncElement The file pattern, the type of pattern (include or exclude), and the symbolic name of the pattern.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] pki:CsyncSharedKey Used to distribute the key to all IFC nodes.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] pki:DebugPluginChallenge The debug plugin challenge.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] pki:KeyRing A keyring to create and hold an SSL certificate. The SSL certificate contains the public RSA key and signed identity information of a PKI device. The PKI device holds a pair of RSA encryption keys, one kept private and one made public, stored in an internal key ring. The keyring certificate merges into the PKI device keyring to create a trusted relationship.
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] pki:CertReq A request sent to a certificate authority (CA or trustpoint) requesting that the CA affirm the identity of the requester and issue a digital certificate verifying that the requestor is the owner of the presented public key.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] pki:RtKeyRing 
 
 
 ├
[V] pki:RtKeyringRef 
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] pki:RtResPkiEp A target relation to the PKI configuration.
 
 ├
[V] pki:TP A trustpoint (certificate authority/CA), which issues and validates (signs) digital certificates. When participating in secure communications using the public key infrastructure (PKI), a participant can verify the identity of the other party through the CA that signed the other party's public key.
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] pki:TbkKey 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] pki:WebTokenData The cryptographic data used for generating and verifying web tokens.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] pki:RtWebTokenData 
 
 
 ├
[V] pki:RtWebtokenRel A target relation to cryptographic data used for generating and verifying web tokens.
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] tag:Annotation 
 ├
[V] tag:Tag 


Inheritance
[V] naming:NamedObject An abstract base class for an object that contains a name.
 ├
[V] pol:Obj Represents a generic policy object.
 
 ├
[V] pol:Def Represents self-contained policy document.
 
 
 ├
[V] aaa:Definition The AAA policy definition. This is an abstract class and cannot be instantiated.
 
 
 
 ├
[V] aaa:UserEp A user endpoint is a local user. A user is assigned a role determines the user's privileges, and belongs to a security domain, which determines the user's scope of control


Events
                aaa:UserEp:creation__aaa_UserEp
aaa:UserEp:modification__aaa_UserEp
aaa:UserEp:deletion__aaa_UserEp


Faults
                


Fsms
                


Properties Summary
Defined in: aaa:UserEp
mo:Annotation
          string:Basic
annotation  (aaa:UserEp:annotation)
           NO COMMENTS
mo:ExtMngdByType
          scalar:Bitmask32
extMngdBy  (aaa:UserEp:extMngdBy)
           NO COMMENTS
reference:BinRef monPolDn  (aaa:UserEp:monPolDn)
           The monitoring policy attached to this observable object.
scalar:Bool newSubscr  (aaa:UserEp:newSubscr)
           NO COMMENTS
aaa:Boolean
          scalar:Enum8
pwdStrengthCheck  (aaa:UserEp:pwdStrengthCheck)
           The password strength check specifies if the system enforces the strength of the user password.
Defined in: aaa:Definition
naming:Name
          string:Basic
name  (aaa:Definition:name)
           Overrides:pol:Obj:name | naming:NamedObject:name
           The name of the AAA definition object.
Defined in: pol:Def
naming:Descr
          string:Basic
descr  (pol:Def:descr)
           Specifies a description of the policy definition.
naming:Descr
          string:Basic
ownerKey  (pol:Def:ownerKey)
           The key for enabling clients to own their data for entity correlation.
naming:Descr
          string:Basic
ownerTag  (pol:Def:ownerTag)
           A tag for enabling clients to add their own data. For example, to indicate who created this object.
Defined in: naming:NamedObject
naming:NameAlias
          string:Basic
nameAlias  (naming:NamedObject:nameAlias)
           NO COMMENTS
Defined in: mo:Modifiable
mo:TStamp
          scalar:Date
modTs  (mo:Modifiable:modTs)
           The time when this object was last modified.
Defined in: mo:Ownable
scalar:Uint16 uid  (mo:Ownable:uid)
           A unique identifier for this object.
Defined in: mo:Resolvable
mo:Owner
          scalar:Enum8
lcOwn  (mo:Resolvable:lcOwn)
           A value that indicates how this object was created. For internal use only.
Defined in: mo:TopProps
mo:ModificationChildAction
          scalar:Bitmask32
childAction  (mo:TopProps:childAction)
           Delete or ignore. For internal use only.
reference:BinRef dn  (mo:TopProps:dn)
           A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.
reference:BinRN rn  (mo:TopProps:rn)
           Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.
mo:ModificationStatus
          scalar:Bitmask32
status  (mo:TopProps:status)
           The upgrade status. This property is for internal use only.
Properties Detail

annotation

Type: mo:Annotation
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "128"
        Allowed Chars:
            Regex: [a-zA-Z0-9_.:-]+
    Comments:
NO COMMENTS



childAction

Type: mo:ModificationChildAction
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelChildAction
    Comments:
Delete or ignore. For internal use only.
Constants
deleteAll 16384u deleteAll NO COMMENTS
ignore 4096u ignore NO COMMENTS
deleteNonPresent 8192u deleteNonPresent NO COMMENTS
DEFAULT 0 --- This type is used to





descr

Type: naming:Descr
Primitive Type: string:Basic

Like: naming:Described:descr
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "128"
        Allowed Chars:
            Regex: [a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]+
    Comments:
Specifies a description of the policy definition.



dn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelDn
    Comments:
A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.



extMngdBy

Type: mo:ExtMngdByType
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
NO COMMENTS
Constants
undefined 0u undefined NO COMMENTS
msc 1u msc NO COMMENTS
DEFAULT undefined(0u) undefined NO COMMENTS





lcOwn

Type: mo:Owner
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
A value that indicates how this object was created. For internal use only.
Constants
local 0 Local NO COMMENTS
policy 1 Policy NO COMMENTS
replica 2 Replica NO COMMENTS
resolveOnBehalf 3 ResolvedOnBehalf NO COMMENTS
implicit 4 Implicit NO COMMENTS
DEFAULT local(0) Local NO COMMENTS





modTs

Type: mo:TStamp
Primitive Type: scalar:Date

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The time when this object was last modified.
Constants
never 0ull never NO COMMENTS
DEFAULT never(0ull) never NO COMMENTS





monPolDn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The monitoring policy attached to this observable object.



name

Type: naming:Name
Primitive Type: string:Basic

Overrides:pol:Obj:name  |  naming:NamedObject:name
Units: null Encrypted: false Access: create Category: TopLevelRegular Property Validators: Range: min: "0" max: "64" Allowed Chars: Regex: [a-zA-Z0-9_.:-]+
    Comments:
The name of the AAA definition object.



nameAlias

Type: naming:NameAlias
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "63"
        Allowed Chars:
            Regex: [a-zA-Z0-9_.-]+
    Comments:
NO COMMENTS



newSubscr

Type: scalar:Bool

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
NO COMMENTS
Constants
no false --- NO COMMENTS
yes true --- NO COMMENTS
DEFAULT no(false) --- NO COMMENTS





ownerKey

Type: naming:Descr
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "128"
        Allowed Chars:
            Regex: [a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]+
    Comments:
The key for enabling clients to own their data for entity correlation.



ownerTag

Type: naming:Descr
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "64"
        Allowed Chars:
            Regex: [a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]+
    Comments:
A tag for enabling clients to add their own data. For example, to indicate who created this object.



pwdStrengthCheck

Type: aaa:Boolean
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Comments:
The password strength check specifies if the system enforces the strength of the user password.
Constants
no 0 No NO COMMENTS
yes 1 Yes NO COMMENTS
DEFAULT yes(1) Yes NO COMMENTS





rn

Type: reference:BinRN

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRn
    Comments:
Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.



status

Type: mo:ModificationStatus
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelStatus
    Comments:
The upgrade status. This property is for internal use only.
Constants
created 2u created In a setter method: specifies that an object should be created. An error is returned if the object already exists.
In the return value of a setter method: indicates that an object has been created.
modified 4u modified In a setter method: specifies that an object should be modified
In the return value of a setter method: indicates that an object has been modified.
deleted 8u deleted In a setter method: specifies that an object should be deleted.
In the return value of a setter method: indicates that an object has been deleted.
DEFAULT 0 --- This type controls the life cycle of objects passed in the XML API.

When used in a setter method (such as configConfMo), the ModificationStatus specifies whether an object should be created, modified, deleted or removed.
In the return value of a setter method, the ModificationStatus indicates the actual operation that was performed. For example, the ModificationStatus is set to "created" if the object was created. The ModificationStatus is not set if the object was neither created, modified, deleted or removed.

When invoking a setter method, the ModificationStatus is optional:
If a setter method such as configConfMo is invoked and the ModificationStatus is not set, the system automatically determines if the object should be created or modified.






uid

Type: scalar:Uint16

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
A unique identifier for this object.