-- Copyright (C) 2006-2014, 2016-2018 Hewlett-Packard Enterprise Development LP
-- All Rights Reserved.
--
-- The contents of this software are proprietary and confidential
-- to the Hewlett Packard Enterprise Development LP.  No part of this
-- program may be photocopied, reproduced, or translated into another
-- programming language without prior written consent of the
-- Hewlett Packard Enterprise Development LP.

HP-AUTZ-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        hpSwitch
            FROM HP-ICF-OID
    InetAddressType, InetAddress
        FROM INET-ADDRESS-MIB
    OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP
        FROM SNMPv2-CONF
    RowStatus, TruthValue, TEXTUAL-CONVENTION
        FROM SNMPv2-TC
    OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE,
    Integer32, Unsigned32
        FROM SNMPv2-SMI
    VlanIndex
        FROM Q-BRIDGE-MIB
    VidList
        FROM HP-ICF-TC
    SnmpAdminString
        FROM SNMP-FRAMEWORK-MIB;

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32
    hpSwitchAuthorizationMIB MODULE-IDENTITY
        LAST-UPDATED "201808200000Z"      -- Aug 20, 2018
        ORGANIZATION "HP Networking"
        CONTACT-INFO
            "Hewlett Packard Enterprise Company
            8000 Foothills Blvd.
            Roseville, CA 95747"
        DESCRIPTION
            "This MIB module contains the definitions of objects
            for managing the user authorization service on HP
            networking devices."

        REVISION     "201808200000Z"  -- Aug 20, 2018
        DESCRIPTION  "Updated hpSwitchAutzUserRoleEntry to
                      support new device specific attributes
                      in user role"

        REVISION     "201803190000Z"  -- Mar 19, 2018
        DESCRIPTION  "Added hpSwitchAutzUserRoleLogOffPeriod
                      to support log-off period in user role"

        REVISION     "201707160000Z"  -- Jul 16, 2017
        DESCRIPTION  "Added hpSwitchAutzUserRoleTunneledNodeServerDownloadableRole
                      to support downloadable user role for controller."
        REVISION     "201703160000Z"  -- Mar 16, 2017
        DESCRIPTION  "Added hpSwitchAutzUserRoleDownloadedEnabled and
                      changed hpSwitchAutzUserRoleType to support downloadable user role"
        REVISION     "201610200000Z"  -- Oct 20, 2016
        DESCRIPTION  "Added hpSwitchAutzUserRoleTaggedVlanId and
                      hpSwitchAutzUserRoleTaggedVlanName to support tagged VLAN in user role"
        REVISION     "201605090000Z"  -- May 09, 2016
        DESCRIPTION  "Added hpSwitchAutzUserRoleTunneledNodeServerRedirect
                      and hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole to support
                      redirect user traffic to user tunnel."
        REVISION     "201601070000Z"  -- January 07, 2016
        DESCRIPTION  "Added hpSwitchAutzUserRole."
        REVISION     "201408040000Z"  -- August 04, 2014
        DESCRIPTION  "Added hpSwitchAutzServicePrimaryMethod
                      hpSwitchAutzServiceCommandsLevel to
                      support 'auto' authorization and
                      command access level."
        REVISION     "201102070000Z"  -- February 07, 2011
        DESCRIPTION  "Added
                      hpSwitchLocalMgmtPrivGroupsTable,
                      hpSwitchLocalMgmtPrivCommandsTable."
        REVISION "200708290000Z"      -- August 29, 2007 at 00:00 GMT
        DESCRIPTION
            "Added hpicfSwitchAuthServerFail notification"
        REVISION "200510050000Z"      -- October 05, 2005 at 00:00 GMT
        DESCRIPTION
            "Initial version."
        ::= { hpSwitch 32 }


    HpAutzUserRoleName ::= TEXTUAL-CONVENTION
        DISPLAY-HINT "63a"
        STATUS       current
        DESCRIPTION  "User role name type.  All printable ASCII characters are
                     allowed except '.', ' ', and '~'."
        SYNTAX       OCTET STRING (SIZE(1..63))

--
-- Node definitions
--

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.0
    hpicfSwitchAuthorizationNotifications OBJECT IDENTIFIER ::= { hpSwitchAuthorizationMIB 0 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.0.1
    hpicfSwitchAuthServerFail NOTIFICATION-TYPE
    OBJECTS { hpicfSwitchAuthServerType, hpicfSwitchAuthServerIPType,
    hpicfSwitchAuthServerIP }
        STATUS current
        DESCRIPTION
            "This notification indicates that the specified server is not reachable."
        ::= { hpicfSwitchAuthorizationNotifications 1 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1
    hpSwitchAuthorizationConfig OBJECT IDENTIFIER ::= { hpSwitchAuthorizationMIB 1 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.1
    hpSwitchAutzServiceTable OBJECT-TYPE
        SYNTAX SEQUENCE OF HpSwitchAutzServiceEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The (conceptual) table listing the authorization
            service types."
        ::= { hpSwitchAuthorizationConfig 1 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.1.1
    hpSwitchAutzServiceEntry OBJECT-TYPE
        SYNTAX HpSwitchAutzServiceEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "An entry (conceptual row) in the hpSwitchAutzServiceTable."
        INDEX { hpSwitchAutzServiceType }
        ::= { hpSwitchAutzServiceTable 1 }


    HpSwitchAutzServiceEntry ::=
        SEQUENCE {
            hpSwitchAutzServiceType
                INTEGER,
            hpSwitchAutzServicePrimaryMethod
                INTEGER,
            hpSwitchAutzServiceSecondaryMethod
                INTEGER,
            hpSwitchAutzServiceCommandsLevel
                INTEGER
         }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.1.1.1
    hpSwitchAutzServiceType OBJECT-TYPE
        SYNTAX INTEGER
            {
            commands(1),
            exec(2),
            network(3),
            restUri(4)
            }
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Signifies the authorization service type for which
            this entry contains configuration information."
        ::= { hpSwitchAutzServiceEntry 1 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.1.1.2
    hpSwitchAutzServicePrimaryMethod OBJECT-TYPE
        SYNTAX INTEGER
            {
            local(1),
            tacacs(2),
            radius(3),
            none(4),
            auto(5)
            }
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The primary method used for authorization. This object can be
             set only when the authorization service type is command.

             A value of local (1) indicates that authorization is performed
             locally.
             A value of tacacs (2) indicates that authorization is performed
             using TACACS+.
             A value of radius (3) indicates that authorization is performed
             using RADIUS.
             A value of none (4) indicates that authorization is not performed.
             A value of auto (5) indicates that authorization is performed by the
             same protocol that is configured for authentication."

        ::= { hpSwitchAutzServiceEntry 2 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.1.1.3
    hpSwitchAutzServiceSecondaryMethod OBJECT-TYPE
        SYNTAX INTEGER
            {
            local(1),
            none(2)
            }
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Specifies the secondary (backup) method used for
             authorization."
        ::= { hpSwitchAutzServiceEntry 3 }

    hpSwitchAutzServiceCommandsLevel OBJECT-TYPE
        SYNTAX INTEGER
            {
            all(1),
            managerlevelonly(2)
            }
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "This object specifies the command level that requires authorization.

             A value of all (1) indicates that authorization is required for all
             commands.
             A value of managerLevelOnly (2) indicates that the authorization is
             required only for manager level commands.
             This object is only valid when the value of hpSwitchAutzServiceType
             is 'commands'. The default is 'all'."
        DEFVAL {all}
        ::= { hpSwitchAutzServiceEntry 4 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.2
    hpicfSwitchAuthObjects OBJECT IDENTIFIER ::= { hpSwitchAuthorizationConfig 2 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.2.1
    hpicfSwitchAuthServerType OBJECT-TYPE
        SYNTAX INTEGER
            {
            radius(1),
            tacacs(2),
            other(9)
            }
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
        "Authorization server type reported in hpicfSwitchAuthorization
        notifications."
        ::= { hpicfSwitchAuthObjects 1 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.2.2
hpicfSwitchAuthServerIPType OBJECT-TYPE
    SYNTAX InetAddressType
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
        "InetAddressType of the address reported in
        hpicfSwitchAuthServerIP."
        ::= { hpicfSwitchAuthObjects 2 }


-- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.2.3
hpicfSwitchAuthServerIP OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "This object is used in an
        hpicfSwitchAuthorizationNotification to report the IP
        address of the affected server."
    ::= { hpicfSwitchAuthObjects 3 }


-- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.3
hpSwitchAuthConfigObjects OBJECT IDENTIFIER ::= { hpSwitchAuthorizationConfig 3 }


-- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.3.1
hpicfSwitchAuthServerNotifyEnable OBJECT-TYPE
    SYNTAX INTEGER
        {
        enabled(1),
        disabled(2)
        }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "The operational status of hpicfSwitchAuthServerFail notifications.
         The default value is 1 (Enabled). A value of 2 represents
         Disabled. Writing this object requires authentication, such
         as provided by SNMPv3."
    ::= { hpSwitchAuthConfigObjects 1 }

-- ------------------------------------------------------------
-- Local Management Privilege Groups Table
-- ------------------------------------------------------------

-- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.4
hpSwitchAuthLocalPrivConfigObjects OBJECT IDENTIFIER ::= { hpSwitchAuthorizationConfig 4 }

   hpSwitchLocalMgmtPrivGroupsTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF HpSwitchLocalMgmtPrivGroupsEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "This table lists the local management
                     privilege group names."
        ::= { hpSwitchAuthLocalPrivConfigObjects 1 }

   hpSwitchLocalMgmtPrivGroupsEntry OBJECT-TYPE
        SYNTAX      HpSwitchLocalMgmtPrivGroupsEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "Local Management Groups entry."
          INDEX { hpSwitchLocalMgmtPrivGroupIndex }
        ::= { hpSwitchLocalMgmtPrivGroupsTable 1 }

   HpSwitchLocalMgmtPrivGroupsEntry ::=
        SEQUENCE {
            hpSwitchLocalMgmtPrivGroupIndex           Integer32,
            hpSwitchLocalMgmtPrivGroupName            OCTET STRING,
            hpSwitchLocalMgmtPrivGroupStatus          RowStatus
        }

   hpSwitchLocalMgmtPrivGroupIndex OBJECT-TYPE
        SYNTAX      Integer32 (1..2147483647)
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "The index value which uniquely identifies a row
                     in the group table.
                     The values, One (1) is reserved for a predefined manager group,
                     Two (2) is reserved for usernames that are not
                     assigned to a group.  The privileges for usernames that
                     do not have a group assignment is the same as
                     operator'. "
        ::= { hpSwitchLocalMgmtPrivGroupsEntry 1 }

   hpSwitchLocalMgmtPrivGroupName OBJECT-TYPE
        SYNTAX      OCTET STRING ( SIZE (1..255))
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION "The name of a given Local Management server group."
        ::= { hpSwitchLocalMgmtPrivGroupsEntry 2 }

   hpSwitchLocalMgmtPrivGroupStatus OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION "The status of the local management privilege
                     group row."
        ::= { hpSwitchLocalMgmtPrivGroupsEntry 3 }

-- ------------------------------------------------------------
-- Local Managment Privilege Commands Table
-- ------------------------------------------------------------

   hpSwitchLocalMgmtPrivCommandsTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF HpSwitchLocalMgmtPrivCommandsEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "This table lists the local management
                     Privilege Command Match strings."
        ::= { hpSwitchAuthLocalPrivConfigObjects 2 }

   hpSwitchLocalMgmtPrivCommandsEntry OBJECT-TYPE
        SYNTAX      HpSwitchLocalMgmtPrivCommandsEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "Local Management Commands entry."
          INDEX { hpSwitchLocalMgmtPrivGroupIndex,
                  hpSwitchLocalMgmtPrivCmdSequenceIndex }

        ::= { hpSwitchLocalMgmtPrivCommandsTable 1 }

   HpSwitchLocalMgmtPrivCommandsEntry ::=
        SEQUENCE {
            hpSwitchLocalMgmtPrivCmdSequenceIndex        Integer32,
            hpSwitchLocalMgmtPrivCmdMatchStr             OCTET STRING,
            hpSwitchLocalMgmtPrivCmdPriv                 INTEGER,
            hpSwitchLocalMgmtPrivCmdSendLog              INTEGER,
            hpSwitchLocalMgmtPrivCmdStatus               RowStatus
        }

   hpSwitchLocalMgmtPrivCmdSequenceIndex OBJECT-TYPE
        SYNTAX      Integer32 (1..2147483647)
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "The index value which uniquely identifies a row
                     in the command table.  See the
                     documentation for the number of sequences allowed."
        ::= { hpSwitchLocalMgmtPrivCommandsEntry 1 }

   hpSwitchLocalMgmtPrivCmdMatchStr OBJECT-TYPE
        SYNTAX      OCTET STRING ( SIZE (0..65535))
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION "The syntax of a command within a group.
                     See the documentation for the maximum length
                     of the command name."
        ::= { hpSwitchLocalMgmtPrivCommandsEntry 2 }

   hpSwitchLocalMgmtPrivCmdPriv OBJECT-TYPE
        SYNTAX      INTEGER {
                        permit(1),
                        deny(2)
        }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION "The privilege associated with commands that
                     match the command string."
        ::= { hpSwitchLocalMgmtPrivCommandsEntry 3 }

   hpSwitchLocalMgmtPrivCmdSendLog OBJECT-TYPE
        SYNTAX      INTEGER {
                        enable(1),
                        disable(2)
        }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION "Determines if a log message is generated when
                     commands matching this command string are
                     attempted."
        DEFVAL {disable}
        ::= { hpSwitchLocalMgmtPrivCommandsEntry 4 }


   hpSwitchLocalMgmtPrivCmdStatus OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION "The status of the local management privilege
                     command row."
        ::= { hpSwitchLocalMgmtPrivCommandsEntry 5 }

-- ------------------------------------------------------------
-- User Role Objects
-- ------------------------------------------------------------

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5
   hpSwitchAutzUserRole OBJECT IDENTIFIER ::= { hpSwitchAuthorizationConfig 5 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.1
   hpSwitchAutzUserRoleEnabled OBJECT-TYPE
       SYNTAX      TruthValue
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION "Enable user role-based authorization.  When enabled,
                    authenticated clients are assigned roles that determine
                    authorization level.  When disabled, roles are not used."
       DEFVAL { false }
       ::= { hpSwitchAutzUserRole 1 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.2
   hpSwitchAutzUserRoleInitialRoleName OBJECT-TYPE
       SYNTAX      HpAutzUserRoleName
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION "The value of this object must match the
                    hpSwitchAutzUserRoleName of an entry in the
                    hpSwithcAutzUserRoleTable."
       ::= { hpSwitchAutzUserRole 2 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.4
   hpSwitchAutzUserRoleDownloadedEnabled OBJECT-TYPE
       SYNTAX      TruthValue
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION "This object enables or disables the downlodable user role
                    feature. The hpSwitchAutzUserRoleEnabled object should
                    be enabled before configuring this object."
       DEFVAL { false }
       ::= { hpSwitchAutzUserRole 4 }

-- ------------------------------------------------------------
-- User Roles Table
-- ------------------------------------------------------------

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3
   hpSwitchAutzUserRoleTable OBJECT-TYPE
       SYNTAX      SEQUENCE OF HpSwitchAutzUserRoleEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION "A table of configured user roles.  The maximum
                    number of entries is implementation dependent."
       ::= { hpSwitchAutzUserRole 3 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.3.1.5.3.1
   hpSwitchAutzUserRoleEntry OBJECT-TYPE
       SYNTAX      HpSwitchAutzUserRoleEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION "A user role table entry."
       INDEX       { hpSwitchAutzUserRoleName }
       ::= { hpSwitchAutzUserRoleTable 1 }

   HpSwitchAutzUserRoleEntry::=
       SEQUENCE {
           hpSwitchAutzUserRoleName                                HpAutzUserRoleName,
           hpSwitchAutzUserRoleRowStatus                           RowStatus,
           hpSwitchAutzUserRoleType                                INTEGER,
           hpSwitchAutzUserRoleCaptivePortalProfileName            OCTET STRING,
           hpSwitchAutzUserRoleIngressUserPolicyName               OCTET STRING,
           hpSwitchAutzUserRoleReauthPeriod                        Integer32,
           hpSwitchAutzUserRoleVlanId                              VlanIndex,
           hpSwitchAutzUserRoleVlanName                            SnmpAdminString,
           hpSwitchAutzUserRoleTunneledNodeServerRedirect          INTEGER,
           hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole     OCTET STRING,
           hpSwitchAutzUserRoleTaggedVlanId                        VlanIndex,
           hpSwitchAutzUserRoleTaggedVlanName                      SnmpAdminString,
           hpSwitchAutzUserRoleTunneledNodeServerDownloadableRole  TruthValue,
           hpSwitchAutzUserRoleLogOffPeriod                        Integer32,
           hpSwitchAutzUserRoleCachedReauthPeriod                  Unsigned32,
           hpSwitchAutzUserRoleTaggedVlanList                      VidList
       }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.1
   hpSwitchAutzUserRoleName OBJECT-TYPE
        SYNTAX      HpAutzUserRoleName
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "The name of this user role."
        ::= { hpSwitchAutzUserRoleEntry 1 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.2
   hpSwitchAutzUserRoleRowStatus OBJECT-TYPE
       SYNTAX      RowStatus
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "The Row Status of this entry.

                    To create a new entry, send an SNMP SET request with a
                    RowStatus of 'createAndGo'.

                    active - the entry is ready to use.

                    notInService - not valid for this table.

                    notReady - the entry is not fully configured.

                    createAndGo - create a new entry. Entries of
                                  hpSwitchAutzUserRoleType 'downloaded'
                                  cannot be created or modified.

                    createAndWait - not valid for this table.

                    delete - delete the entry. Entries of
                             hpSwitchAutzUserRoleType 'predefined' and
                             the entry assigned to
                             hpSwitchAutzUserRoleInitialRoleName cannot
                             be deleted."
       ::= { hpSwitchAutzUserRoleEntry 2 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.3
   hpSwitchAutzUserRoleType OBJECT-TYPE
       SYNTAX      INTEGER {
                       predefined(1),
                       local(2),
                       downloaded(3)
                   }
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION "This object defines different user role types supported.
                    Predefined user roles cannot be modified or deleted.
                    Downloaded user roles cannot be modified or created."
       ::= { hpSwitchAutzUserRoleEntry 3 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.4
   hpSwitchAutzUserRoleCaptivePortalProfileName OBJECT-TYPE
       SYNTAX      OCTET STRING (SIZE(0..63))
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "The name of the captive portal profile
                    (hpicfUsrAuthCaptivePortalProfileName) associated
                    with this role. All printable ASCII characters
                    are allowed except '.', ' ', and '~'."
       ::= { hpSwitchAutzUserRoleEntry 4 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.5
   hpSwitchAutzUserRoleIngressUserPolicyName OBJECT-TYPE
       SYNTAX      OCTET STRING (SIZE(0..64))
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION  "The name associated with hpicfGppcv2NpPolicyName
                    of hpicfGppcv2NpSubType 'policyUser' assigned to
                    this role."
       ::= { hpSwitchAutzUserRoleEntry 5 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.6
   hpSwitchAutzUserRoleReauthPeriod OBJECT-TYPE
       SYNTAX      Integer32 (0..999999999)
       UNITS       "seconds"
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "Specifies the period, in seconds, at which an
                    authenticated client must re-authenticate. A value
                    of 0 signifies that an authenticated client will
                    never have to re-authenticate."
       DEFVAL      { 0 }
       ::= { hpSwitchAutzUserRoleEntry 6 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.7
   hpSwitchAutzUserRoleVlanId OBJECT-TYPE
       SYNTAX      VlanIndex
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "The untagged VLAN ID for this role. A value of 0 indicates
                    unset. This column is mutually exclusive with
                    hpSwitchAutzUserRoleVlanName."
       ::= { hpSwitchAutzUserRoleEntry 7 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.8
   hpSwitchAutzUserRoleVlanName OBJECT-TYPE
       SYNTAX      SnmpAdminString (SIZE(0..32))
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "The untagged VLAN name for this role. This column is mutually
                    exclusive with hpSwitchAutzUserRoleVlanId."
       ::= { hpSwitchAutzUserRoleEntry 8 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.9
   hpSwitchAutzUserRoleTunneledNodeServerRedirect OBJECT-TYPE
       SYNTAX      INTEGER
                   {
                       enable(1),
                       disable(2)
                   }
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "Enables or disables the traffic redirection to the
                    tunnel. If the MIB object 'hpSwitchAutzUserRoleCaptivePortalProfileName'
                    is already enabled and an attempt is made to enable
                    this object, it will result in an error.
                    The MIB object can be enabled only if there is a tagged or
                    untagged VLAN present in the user role."
       DEFVAL       {disable}
       ::= { hpSwitchAutzUserRoleEntry 9 }


   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.10
   hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole OBJECT-TYPE
       SYNTAX      OCTET STRING (SIZE(0..63))
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "The secondary role associated with this user role.
                    This will be applied to user traffic at tunnel-node server end.
                    All printable ASCII characters are allowed
                    except '.', ' ' and '~'. This object returns an error if the
                    secondary role name is greater than 63 characters."
       ::= { hpSwitchAutzUserRoleEntry 10 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.11
   hpSwitchAutzUserRoleTaggedVlanId OBJECT-TYPE
       SYNTAX      VlanIndex
       MAX-ACCESS  read-create
       STATUS      deprecated
       DESCRIPTION "The tagged VLAN ID for this role. A value of 0 indicates
                    unset. This column is mutually exclusive with
                    hpSwitchAutzUserRoleTaggedVlanName,."
       ::= { hpSwitchAutzUserRoleEntry 11 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.12
   hpSwitchAutzUserRoleTaggedVlanName OBJECT-TYPE
       SYNTAX      SnmpAdminString (SIZE(0..32))
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "The tagged VLAN name for this role. This column is mutually
                    exclusive with hpSwitchAutzUserRoleTaggedVlanId."
       ::= { hpSwitchAutzUserRoleEntry 12 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.13
   hpSwitchAutzUserRoleTunneledNodeServerDownloadableRole OBJECT-TYPE
       SYNTAX      TruthValue
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "This object indicates if the secondary roles is
                    downloadable user role or not.The
                    hpSwitchAutzUserRoleTunneledNodeServerRedirectobject
                    should be enabled before configuring this object."
       ::= { hpSwitchAutzUserRoleEntry 13 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.14
   hpSwitchAutzUserRoleLogOffPeriod OBJECT-TYPE
       SYNTAX      Integer32 (0 | 60..9999999)
       UNITS       "seconds"
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "Specifies the period, in seconds, at which an authenticated
                    client must automatically log-off. A value of 0 signifies
                    that an authenticated client will never have to
                    automatically log-off."
       DEFVAL      { 300 }
       ::= { hpSwitchAutzUserRoleEntry 14 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.15
    hpSwitchAutzUserRoleCachedReauthPeriod OBJECT-TYPE
        SYNTAX         Unsigned32 (0 | 60..2147483647)
        UNITS          "seconds"
        MAX-ACCESS     read-create
        STATUS         current
        DESCRIPTION    "The value indicates the period in seconds, during which
                        cached reauthentication is allowed on the port. A value
			of 0 signifies cached reauthentication period is not set."
        ::= { hpSwitchAutzUserRoleEntry 15 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.3.1.16
    hpSwitchAutzUserRoleTaggedVlanList OBJECT-TYPE
        SYNTAX          VidList
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "The set of tagged VLANs associated with this user-role."
        ::= { hpSwitchAutzUserRoleEntry 16 }

   hpSwitchAutzUserRoleSubTable OBJECT-TYPE
       SYNTAX      SEQUENCE OF HpSwitchAutzUserRoleSubEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION "A table of configured sub user roles attributes. The maximum
                    number of entries is implementation dependent."
       ::= { hpSwitchAutzUserRole 5 }

   -- 1.3.6.1.4.1.11.2.14.11.5.1.32.3.1.5.3.1
   hpSwitchAutzUserRoleSubEntry OBJECT-TYPE
       SYNTAX      HpSwitchAutzUserRoleSubEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION "A user role sub table entry."
       INDEX       { hpSwitchAutzUserRoleName, hpSwitchAutzUserRoleSubType }
       ::= { hpSwitchAutzUserRoleSubTable 1 }

   HpSwitchAutzUserRoleSubEntry::=
       SEQUENCE {
           hpSwitchAutzUserRoleSubType                             INTEGER,
           hpSwitchAutzUserRoleAdminEdgePort                       TruthValue,
           hpSwitchAutzUserRolePoePriority                         INTEGER,
           hpSwitchAutzUserRolePoeAllocBy                          INTEGER,
           hpSwitchAutzUserRoleSubTypeRowStatus                    RowStatus,
           hpSwitchAutzUserRolePortMode                            TruthValue
       }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.4.1.1
    hpSwitchAutzUserRoleSubType OBJECT-TYPE
        SYNTAX         INTEGER {
                               device(1)
                          }
        MAX-ACCESS     not-accessible
        STATUS         current
        DESCRIPTION    "This object specifies the sub type of user-role attributes.
                        Device or other specific type."
        ::= { hpSwitchAutzUserRoleSubEntry 1 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.4.1.2
    hpSwitchAutzUserRoleAdminEdgePort OBJECT-TYPE
        SYNTAX          TruthValue
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "The administrative value of the Edge Port parameter.
                         A value of true(1) indicates that the port associated
                         with this user-role should be assumed as an edge-port,
                         and a value of false(2) indicates that the port
                         associated with this user-role should be assumed as a
                         non-edge-port."
        DEFVAL          {false}
        ::= { hpSwitchAutzUserRoleSubEntry 2 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.4.1.3
    hpSwitchAutzUserRolePoePriority OBJECT-TYPE
        SYNTAX         INTEGER {
			        default(0),
                                critical(1),
                                high(2),
                                low(3)
                            }
        MAX-ACCESS     read-create
        STATUS         current
        DESCRIPTION    "This object controls the priority of the port from the point
                        of view of a power management algorithm. The priority that
                        is set by this variable could be used by a control mechanism
                        that prevents over current situations by disconnecting first
                        ports with lower power priority. Ports that connect devices
                        critical to the operation of the network - like the E911
                        telephones ports - should be set to higher priority."
        ::= { hpSwitchAutzUserRoleSubEntry 3 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.4.1.4
    hpSwitchAutzUserRolePoeAllocBy OBJECT-TYPE
        SYNTAX         INTEGER {
				usage(1),
				class(2)
			     }
        MAX-ACCESS       read-create
        STATUS           current
        DESCRIPTION      "This object indicates the power allocation method for
                          this port. The default value is usage."
        ::= { hpSwitchAutzUserRoleSubEntry 4 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.4.1.5
   hpSwitchAutzUserRoleSubTypeRowStatus OBJECT-TYPE
       SYNTAX      RowStatus
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION "The Row Status of this entry.

                    To create a new entry, send an SNMP SET request with a
                    RowStatus of 'createAndGo'.

                    active - the entry is ready to use.

                    notInService - not valid for this table.

                    notReady - the entry is not fully configured.

                    createAndGo - create a new entry. Entries of
                                  hpSwitchAutzUserRoleType 'downloaded'
                                  cannot be created or modified.

                    createAndWait - not valid for this table.

                    delete - delete the entry. Entries of
                             hpSwitchAutzUserRoleType 'predefined' and
                             the entry assigned to
                             hpSwitchAutzUserRoleInitialRoleName cannot
                             be deleted."
       ::= { hpSwitchAutzUserRoleSubEntry 5 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.5.4.1.7
    hpSwitchAutzUserRolePortMode OBJECT-TYPE
        SYNTAX         TruthValue
        MAX-ACCESS     read-create
        STATUS         current
        DESCRIPTION    "This object indicates if the auth method on a port will be
                        operating on a port mode or not."
        DEFVAL          {false}
        ::= { hpSwitchAutzUserRoleSubEntry 7 }

-- ------------------------------------------------------------
-- Local Managment Privilege URI Table
-- ------------------------------------------------------------

-- 1.3.6.1.4.1.11.2.14.11.5.1.32.1.6


-- Compliance Statements

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.2
    hpSwitchAuthorizationConformance OBJECT IDENTIFIER ::= { hpSwitchAuthorizationMIB 2 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.2.1
hpSwitchAuthorizationMIBCompliances OBJECT IDENTIFIER ::=
    { hpSwitchAuthorizationConformance 1 }


    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.2.1.1
    hpSwitchAuthorizationMIBCompliance MODULE-COMPLIANCE
        STATUS current
        DESCRIPTION
            "The compliance statement for devices implementing the
            HP-AUTZ-MIB."
        MODULE -- this module
            MANDATORY-GROUPS { hpSwitchAuthorizationConfigGroup }
        ::= { hpSwitchAuthorizationMIBCompliances 1 }

   hpSwitchLocalMgmtPrivGrpMIBCompliance      MODULE-COMPLIANCE
        STATUS      deprecated
        DESCRIPTION "The compliance statement for listing the
                     local management privilege methods to be
                     tried for granting
                     different access levels through
                     various access tasks"
        MODULE -- this module

        MANDATORY-GROUPS { hpSwitchAutzLocalMgmtPrivGroup }

        OBJECT  hpSwitchLocalMgmtPrivGroupName
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required.
            "
        OBJECT  hpSwitchLocalMgmtPrivCmdMatchStr
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required.
            "
        OBJECT  hpSwitchLocalMgmtPrivCmdPriv
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required.
            "
        OBJECT  hpSwitchLocalMgmtPrivCmdSendLog
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required.
            "
       ::= { hpSwitchAuthorizationMIBCompliances 2 }

   hpSwitchLocalMgmtPrivGrpMIBCompliance1    MODULE-COMPLIANCE
       STATUS        deprecated
       DESCRIPTION   "The compliance statement for listing the
                      local management privilege methods to be
                      tried for granting different access levels
                      through various access tasks"
       MODULE  -- this module
       MANDATORY-GROUPS { hpSwitchAutzLocalMgmtPrivGroup1 }
       ::=  {  hpSwitchAuthorizationMIBCompliances 3  }

   hpSwitchAuthorizationObjectsGrpMIBCompliance MODULE-COMPLIANCE
      STATUS         current
      DESCRIPTION    "The compliance statement for listing the
                      local management privilege methods to be
                      tried for granting different access levels
                      through various access tasks"
      MODULE -- this module
      MANDATORY-GROUPS  { hpicfSwitchAuthorizationObjectsGroup }
      ::=   { hpSwitchAuthorizationMIBCompliances 4 }

   hpSwitchAuthorizationNotificationGrpMIBCompliance MODULE-COMPLIANCE
      STATUS         current
      DESCRIPTION    "The compliance statement for listing the
                      local management privilege methods to be
                      tried for granting different access levels
                      through various access tasks"
      MODULE -- this module
      MANDATORY-GROUPS  { hpicfSwitchAuthorizationNotificationGroup }
      ::=   { hpSwitchAuthorizationMIBCompliances 5 }

    hpSwitchAutzRoleGrpCompliance MODULE-COMPLIANCE
      STATUS        deprecated
      DESCRIPTION   "The compliance statement for user roles."
      MODULE -- this module
      MANDATORY-GROUPS  { hpSwitchAutzUserRoleGroup }
      ::=   { hpSwitchAuthorizationMIBCompliances 6 }

    hpSwitchAutzRoleGrpCompliance1 MODULE-COMPLIANCE
      STATUS        deprecated
      DESCRIPTION   "The compliance statement for user roles."
      MODULE -- this module
      MANDATORY-GROUPS  { hpSwitchAutzUserRoleGroup1 }

      ::=   { hpSwitchAuthorizationMIBCompliances 7 }

    hpSwitchAutzRoleGrpCompliance2 MODULE-COMPLIANCE
      STATUS        deprecated
      DESCRIPTION   "The compliance statement for user roles."
      MODULE -- this module
      MANDATORY-GROUPS  { hpSwitchAutzUserRoleGroup2 }

      ::=   { hpSwitchAuthorizationMIBCompliances 8 }
    hpSwitchAutzRoleGrpCompliance3 MODULE-COMPLIANCE
      STATUS        deprecated
      DESCRIPTION   "The compliance statement for user roles."
      MODULE -- this module
      MANDATORY-GROUPS  { hpSwitchAutzUserRoleGroup3 }

      ::=   { hpSwitchAuthorizationMIBCompliances 9 }

    hpSwitchAutzRoleGrpCompliance4 MODULE-COMPLIANCE
      STATUS        deprecated
      DESCRIPTION   "The compliance statement for user roles."
      MODULE -- this module
      MANDATORY-GROUPS  { hpSwitchAutzUserRoleGroup4 }

      ::=   { hpSwitchAuthorizationMIBCompliances 10 }

   hpSwitchLocalMgmtPrivGrpMIBCompliance2      MODULE-COMPLIANCE
        STATUS      current
        DESCRIPTION "The compliance statement for listing the
                     local management privilege methods to be
                     tried for granting
                     different access levels through
                     various access tasks"
        MODULE -- this module

        MANDATORY-GROUPS { hpSwitchAutzLocalMgmtPrivGroup
	                 }

        OBJECT  hpSwitchLocalMgmtPrivGroupName
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required.
            "
        OBJECT  hpSwitchLocalMgmtPrivCmdMatchStr
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required.
            "
        OBJECT  hpSwitchLocalMgmtPrivCmdPriv
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required.
            "
        OBJECT  hpSwitchLocalMgmtPrivCmdSendLog
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required.
            "
       ::= { hpSwitchAuthorizationMIBCompliances 11 }

   hpSwitchLocalMgmtPrivGrpMIBCompliance3    MODULE-COMPLIANCE
       STATUS        current
       DESCRIPTION   "The compliance statement for listing the
                      local management privilege methods to be
                      tried for granting different access levels
                      through various access tasks"
       MODULE -- this module
       MANDATORY-GROUPS { hpSwitchAutzLocalMgmtPrivGroup1}
       ::=  {  hpSwitchAuthorizationMIBCompliances 12  }


    hpSwitchAutzRoleGrpCompliance5 MODULE-COMPLIANCE
      STATUS        deprecated
      DESCRIPTION   "The compliance statement for user roles."
      MODULE -- this module
      MANDATORY-GROUPS  { hpSwitchAutzUserRoleGroup5 }

      ::=   { hpSwitchAuthorizationMIBCompliances 13 }

    hpSwitchAutzRoleGrpCompliance6 MODULE-COMPLIANCE
      STATUS        current
      DESCRIPTION   "The compliance statement for user roles."
      MODULE -- this module
      MANDATORY-GROUPS  { hpSwitchAutzUserRoleGroup6 }

      ::=   { hpSwitchAuthorizationMIBCompliances 14 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.2.2
    hpSwitchAuthorizationMIBGroups OBJECT IDENTIFIER ::= { hpSwitchAuthorizationConformance 2 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.2.2.1
    hpSwitchAuthorizationConfigGroup OBJECT-GROUP
    OBJECTS { hpSwitchAutzServicePrimaryMethod,
        hpSwitchAutzServiceSecondaryMethod, hpSwitchAutzServiceCommandsLevel,
        hpicfSwitchAuthServerNotifyEnable }
        STATUS current
        DESCRIPTION
            "A collection of objects to support authorization service."
        ::= { hpSwitchAuthorizationMIBGroups 1 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.2.2.2
   hpicfSwitchAuthorizationNotificationGroup NOTIFICATION-GROUP
        NOTIFICATIONS { hpicfSwitchAuthServerFail }
        STATUS current
        DESCRIPTION
        "A group of switch authorization notifications."
        ::= { hpSwitchAuthorizationMIBGroups 2 }

    -- 1.3.6.1.4.1.11.2.14.11.5.1.32.2.2.3
    hpicfSwitchAuthorizationObjectsGroup OBJECT-GROUP
    OBJECTS { hpicfSwitchAuthServerType, hpicfSwitchAuthServerIPType,
        hpicfSwitchAuthServerIP }
        STATUS current
        DESCRIPTION
        "A group of switch authorization objects."
        ::= { hpSwitchAuthorizationMIBGroups 3 }

    hpSwitchAutzLocalMgmtPrivGroup OBJECT-GROUP
        OBJECTS   {
            hpSwitchLocalMgmtPrivGroupName,
            hpSwitchLocalMgmtPrivCmdMatchStr,
            hpSwitchLocalMgmtPrivCmdPriv,
            hpSwitchLocalMgmtPrivCmdSendLog
        }
        STATUS    current
        DESCRIPTION "A collection of objects for configuring
                     Local Manangement Privilege Groups"
       ::= { hpSwitchAuthorizationMIBGroups 4 }

    hpSwitchAutzLocalMgmtPrivGroup1 OBJECT-GROUP
      OBJECTS  {
         hpSwitchLocalMgmtPrivCmdStatus,
         hpSwitchLocalMgmtPrivGroupStatus
      }
      STATUS   current
      DESCRIPTION "A collection of objects for configuring
                   Local Mangement Privilege Groups"
      ::= { hpSwitchAuthorizationMIBGroups 5 }

    hpSwitchAutzUserRoleGroup OBJECT-GROUP
      OBJECTS {
         hpSwitchAutzUserRoleEnabled,
         hpSwitchAutzUserRoleInitialRoleName,
         hpSwitchAutzUserRoleRowStatus,
         hpSwitchAutzUserRoleType,
         hpSwitchAutzUserRoleCaptivePortalProfileName,
         hpSwitchAutzUserRoleIngressUserPolicyName,
         hpSwitchAutzUserRoleReauthPeriod,
         hpSwitchAutzUserRoleVlanId,
         hpSwitchAutzUserRoleVlanName
      }
      STATUS   deprecated
      DESCRIPTION "A collection of objects for supporting
                   local user roles."
      ::= { hpSwitchAuthorizationMIBGroups 6 }

    hpSwitchAutzUserRoleGroup1 OBJECT-GROUP
      OBJECTS {
         hpSwitchAutzUserRoleEnabled,
         hpSwitchAutzUserRoleInitialRoleName,
         hpSwitchAutzUserRoleRowStatus,
         hpSwitchAutzUserRoleType,
         hpSwitchAutzUserRoleCaptivePortalProfileName,
         hpSwitchAutzUserRoleIngressUserPolicyName,
         hpSwitchAutzUserRoleReauthPeriod,
         hpSwitchAutzUserRoleVlanId,
         hpSwitchAutzUserRoleVlanName,
         hpSwitchAutzUserRoleTunneledNodeServerRedirect,
         hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole
      }
      STATUS   deprecated
      DESCRIPTION "A collection of objects for supporting
                   local user roles."
      ::= { hpSwitchAuthorizationMIBGroups 7 }

    hpSwitchAutzUserRoleGroup2 OBJECT-GROUP
      OBJECTS {
         hpSwitchAutzUserRoleEnabled,
         hpSwitchAutzUserRoleInitialRoleName,
         hpSwitchAutzUserRoleRowStatus,
         hpSwitchAutzUserRoleType,
         hpSwitchAutzUserRoleCaptivePortalProfileName,
         hpSwitchAutzUserRoleIngressUserPolicyName,
         hpSwitchAutzUserRoleReauthPeriod,
         hpSwitchAutzUserRoleVlanId,
         hpSwitchAutzUserRoleVlanName,
         hpSwitchAutzUserRoleTunneledNodeServerRedirect,
         hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole,
         hpSwitchAutzUserRoleTaggedVlanId,
         hpSwitchAutzUserRoleTaggedVlanName
      }
      STATUS   deprecated
      DESCRIPTION "A collection of objects for supporting
                   local user roles."
      ::= { hpSwitchAuthorizationMIBGroups 8 }

    hpSwitchAutzUserRoleGroup3 OBJECT-GROUP
      OBJECTS {
         hpSwitchAutzUserRoleEnabled,
         hpSwitchAutzUserRoleInitialRoleName,
         hpSwitchAutzUserRoleRowStatus,
         hpSwitchAutzUserRoleType,
         hpSwitchAutzUserRoleCaptivePortalProfileName,
         hpSwitchAutzUserRoleIngressUserPolicyName,
         hpSwitchAutzUserRoleReauthPeriod,
         hpSwitchAutzUserRoleVlanId,
         hpSwitchAutzUserRoleVlanName,
         hpSwitchAutzUserRoleTunneledNodeServerRedirect,
         hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole,
         hpSwitchAutzUserRoleTaggedVlanId,
         hpSwitchAutzUserRoleTaggedVlanName,
         hpSwitchAutzUserRoleDownloadedEnabled
      }
      STATUS   deprecated
      DESCRIPTION "A collection of objects for supporting
                   local user roles."
      ::= { hpSwitchAuthorizationMIBGroups 9 }

    hpSwitchAutzUserRoleGroup4 OBJECT-GROUP
      OBJECTS {
         hpSwitchAutzUserRoleEnabled,
         hpSwitchAutzUserRoleInitialRoleName,
         hpSwitchAutzUserRoleRowStatus,
         hpSwitchAutzUserRoleType,
         hpSwitchAutzUserRoleCaptivePortalProfileName,
         hpSwitchAutzUserRoleIngressUserPolicyName,
         hpSwitchAutzUserRoleReauthPeriod,
         hpSwitchAutzUserRoleVlanId,
         hpSwitchAutzUserRoleVlanName,
         hpSwitchAutzUserRoleTunneledNodeServerRedirect,
         hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole,
         hpSwitchAutzUserRoleTaggedVlanId,
         hpSwitchAutzUserRoleTaggedVlanName,
         hpSwitchAutzUserRoleDownloadedEnabled,
         hpSwitchAutzUserRoleTunneledNodeServerDownloadableRole
      }
      STATUS   deprecated
      DESCRIPTION "A collection of objects for supporting
                   local user roles."
      ::= { hpSwitchAuthorizationMIBGroups 10 }

    hpSwitchAutzUserRoleGroup5 OBJECT-GROUP
      OBJECTS {
         hpSwitchAutzUserRoleEnabled,
         hpSwitchAutzUserRoleInitialRoleName,
         hpSwitchAutzUserRoleRowStatus,
         hpSwitchAutzUserRoleType,
         hpSwitchAutzUserRoleCaptivePortalProfileName,
         hpSwitchAutzUserRoleIngressUserPolicyName,
         hpSwitchAutzUserRoleReauthPeriod,
         hpSwitchAutzUserRoleVlanId,
         hpSwitchAutzUserRoleVlanName,
         hpSwitchAutzUserRoleTunneledNodeServerRedirect,
         hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole,
         hpSwitchAutzUserRoleTaggedVlanId,
         hpSwitchAutzUserRoleTaggedVlanName,
         hpSwitchAutzUserRoleDownloadedEnabled,
         hpSwitchAutzUserRoleTunneledNodeServerDownloadableRole,
         hpSwitchAutzUserRoleLogOffPeriod
      }
      STATUS   deprecated
      DESCRIPTION "A collection of objects for supporting
                   local user roles."
      ::= { hpSwitchAuthorizationMIBGroups 13 }

    hpSwitchAutzUserRoleGroup6 OBJECT-GROUP
      OBJECTS {
         hpSwitchAutzUserRoleEnabled,
         hpSwitchAutzUserRoleInitialRoleName,
         hpSwitchAutzUserRoleRowStatus,
         hpSwitchAutzUserRoleType,
         hpSwitchAutzUserRoleCaptivePortalProfileName,
         hpSwitchAutzUserRoleIngressUserPolicyName,
         hpSwitchAutzUserRoleReauthPeriod,
         hpSwitchAutzUserRoleVlanId,
         hpSwitchAutzUserRoleVlanName,
         hpSwitchAutzUserRoleTunneledNodeServerRedirect,
         hpSwitchAutzUserRoleTunneledNodeServerSecondaryRole,
         hpSwitchAutzUserRoleTaggedVlanName,
         hpSwitchAutzUserRoleDownloadedEnabled,
         hpSwitchAutzUserRoleTunneledNodeServerDownloadableRole,
         hpSwitchAutzUserRoleLogOffPeriod,
         hpSwitchAutzUserRoleSubTypeRowStatus,
         hpSwitchAutzUserRoleAdminEdgePort,
         hpSwitchAutzUserRolePoePriority,
         hpSwitchAutzUserRoleCachedReauthPeriod,
         hpSwitchAutzUserRolePoeAllocBy,
         hpSwitchAutzUserRoleTaggedVlanList,
         hpSwitchAutzUserRolePortMode
      }
      STATUS   current
      DESCRIPTION "A collection of objects for supporting
                   local user roles."
      ::= { hpSwitchAuthorizationMIBGroups 14 }
END
