This module contains a collection of YANG definitions for Cisco IOS-XR aaa-locald package configuration. This YANG module augme...
Version: 2019-11-24
module Cisco-IOS-XR-aaa-locald-cfg { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XR-aaa-locald-cfg"; prefix aaa-locald-cfg; import Cisco-IOS-XR-types { prefix xr; } import cisco-semver { prefix semver; } import Cisco-IOS-XR-aaa-lib-cfg { prefix a1; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 Tel: +1 800 553-NETS E-mail: cs-yang@cisco.com"; description "This module contains a collection of YANG definitions for Cisco IOS-XR aaa-locald package configuration. This YANG module augments the Cisco-IOS-XR-aaa-lib-cfg module with configuration data. Copyright (c) 2013-2019 by Cisco Systems, Inc. All rights reserved."; revision "2019-11-24" { description "Added cli for enabling/disabling admin accounting via XR."; } revision "2019-04-05" { description "Establish semantic version baseline."; } revision "2018-06-04" { description "Added Yang support for aaa password-policy."; } revision "2018-04-30" { description "Added model support for aaa shell-type, directory."; } revision "2017-09-07" { description "Fixed type translation error."; } revision "2017-03-11" { description "Added model support for aaa password-policy."; } revision "2015-11-09" { description "IOS XR 6.0 revision."; } semver:module-version "2.0.0"; semver:module-version "1.0.0"; typedef Aaa-pass-policy-lockout-seconds { type uint32 { range "0..59"; } description "Aaa pass policy lockout seconds"; } typedef Aaa-pass-policy-authen-attempts { type uint32 { range "1..24"; } description "Aaa pass policy authen attempts"; } typedef Aaa-pass-policy-days { type uint32 { range "0..30"; } description "Aaa pass policy days"; } typedef Aaa-locald-task-id { type string; description "Aaa locald task id"; } typedef Aaa-pass-policy-restrict-old-count { type uint32 { range "0..10"; } description "Aaa pass policy restrict old count"; } typedef Aaa-pass-policy-years { type uint32 { range "0..99"; } description "Aaa pass policy years"; } typedef Aaa-pass-policy-hours { type uint32 { range "0..23"; } description "Aaa pass policy hours"; } typedef Aaa-pass-policy-months { type uint32 { range "0..11"; } description "Aaa pass policy months"; } typedef Aaa-password { type enumeration { enum "type5" { value 5; description "Type 5 password"; } enum "type8" { value 8; description "Type 8 password"; } enum "type9" { value 9; description "Type 9 password"; } enum "type10" { value 10; description "Type 10 password"; } } description "Aaa password"; } typedef Aaa-pass-policy-lockout-days { type uint32 { range "0..255"; } description "Aaa pass policy lockout days"; } typedef Aaa-pass-policy-seconds { type uint32 { range "30..59"; } description "Aaa pass policy seconds"; } typedef Aaa-pass-policy-length { type uint32 { range "2..253"; } description "Aaa pass policy length"; } typedef Aaa-locald-task-class { type enumeration { enum "read" { value 0; description "Permits read operation for a Task ID"; } enum "write" { value 1; description "Permits write operation for a Task ID"; } enum "execute" { value 2; description "Permits execute operation for a Task ID"; } enum "debug" { value 3; description "Permits debug operation for a Task ID"; } } description "Aaa locald task class"; } typedef Aaa-pass-policy-char-repeat-length { type uint32 { range "2..5"; } description "Aaa pass policy char repeat length"; } typedef Aaa-login-history { type uint32 { range "0..1"; } description "Aaa login history"; } typedef Aaa-pass-policy-case-length { type uint32 { range "0..253"; } description "Aaa pass policy case length"; } typedef Aaa-pass-policy-minutes { type uint32 { range "0..59"; } description "Aaa pass policy minutes"; } augment /a1:aaa { description "This augment extends the configuration data of 'Cisco-IOS-XR-aaa-lib-cfg'"; container password-policies { description "Configure password-policy"; list password-policy { key "name"; description "Password Policy name"; container lifetime { description "Liftime of the password"; leaf years { type Aaa-pass-policy-years; description "Number of years"; } leaf months { type Aaa-pass-policy-months; description "Number of months"; } leaf hours { type Aaa-pass-policy-hours; units "hour"; description "Number of hours"; } leaf minutes { type Aaa-pass-policy-minutes; units "minute"; description "Number of minutes"; } leaf seconds { type Aaa-pass-policy-seconds; units "second"; description "Number of seconds"; } leaf days { type Aaa-pass-policy-days; units "day"; description "Number of days"; } } // container lifetime container lockout-time { description "Lockout time for the maximum authentication failures"; leaf hours { type Aaa-pass-policy-hours; units "hour"; description "Number of hours"; } leaf minutes { type Aaa-pass-policy-minutes; units "minute"; description "Number of minutes"; } leaf seconds { type Aaa-pass-policy-lockout-seconds; units "second"; description "Number of seconds"; } leaf days { type Aaa-pass-policy-lockout-days; units "day"; description "Number of days"; } } // container lockout-time container restrict-old-time { description "Time limit for old password to be considered for new password check"; leaf years { type Aaa-pass-policy-years; description "Number of years"; } leaf months { type Aaa-pass-policy-months; description "Number of months"; } leaf days { type Aaa-pass-policy-days; units "day"; description "Number of days"; } } // container restrict-old-time container warninterval { description "Warninterval of the password"; leaf years { type Aaa-pass-policy-years; description "Number of years"; } leaf months { type Aaa-pass-policy-months; description "Number of months"; } leaf hours { type Aaa-pass-policy-hours; units "hour"; description "Number of hours"; } leaf minutes { type Aaa-pass-policy-minutes; units "minute"; description "Number of minutes"; } leaf seconds { type Aaa-pass-policy-seconds; units "second"; description "Number of seconds"; } leaf days { type Aaa-pass-policy-days; units "day"; description "Number of days"; } } // container warninterval leaf restrict-password-advanced { type empty; description "Imposes advanced constraints on new password"; } leaf lower-case { type Aaa-pass-policy-case-length; description "Number of lower-case characters"; } leaf restrict-password-reverse { type empty; description "Restrict usage of reversed old password as new password"; } leaf upper-case { type Aaa-pass-policy-case-length; description "Number of upper-case characters"; } leaf max-length { type Aaa-pass-policy-length; description "Maximum length of the password"; } leaf restrict-old-count { type Aaa-pass-policy-restrict-old-count; description "Number of old passwords to be considered for new password check"; } leaf restrict-username-reverse { type empty; description "Restrict usage of reversed username as passwordRestrict associated username to be used as password"; } leaf min-char-change { type Aaa-pass-policy-case-length; description "Number of characters change required between old and new passwords"; } leaf special-char { type Aaa-pass-policy-case-length; description "Number of special characters"; } leaf numeric { type Aaa-pass-policy-case-length; description "Number of numeric characters"; } leaf restrict-username { type empty; description "Restrict associated username to be used as password"; } leaf max-char-repetition { type Aaa-pass-policy-char-repeat-length; description "Number of times a character can repeat consecutively in new password"; } leaf min-length { type Aaa-pass-policy-length; description "Minimum length of the password"; } leaf authen-max-attempts { type Aaa-pass-policy-authen-attempts; description "Number of maximum authentication attempts"; } leaf name { type xr:Cisco-ios-xr-string { length "1..252"; } description "Password Policy name"; } } // list password-policy } // container password-policies } augment /a1:aaa { description "This augment extends the configuration data of 'Cisco-IOS-XR-aaa-lib-cfg'"; container server-groups { description "AAA group definitions"; } // container server-groups } augment /a1:aaa { description "This augment extends the configuration data of 'Cisco-IOS-XR-aaa-lib-cfg'"; leaf default-taskgroup { type string; description "This class is used for setting the default taskgroup to be used for remote server authentication"; } } augment /a1:aaa { description "This augment extends the configuration data of 'Cisco-IOS-XR-aaa-lib-cfg'"; leaf admin-accounting { type string; description "This class is used to enable/disable admin-accounting"; } } augment /a1:aaa { description "This augment extends the configuration data of 'Cisco-IOS-XR-aaa-lib-cfg'"; container usernames { description "Configure local usernames"; list username { key "ordering-index name"; description "Local username"; container password-policy { description "Mention Password policy for the user"; leaf name { type xr:Cisco-ios-xr-string { length "1..252"; } description "Password Policy name"; } leaf password { type xr:Proprietary-password; description "The user's password"; } } // container password-policy container secret { description "Specify the secret for the user"; leaf type { type Aaa-password; description "Password type"; } leaf secret5 { when "../type = 'type5'" { description "../Type = Type5"; } type xr:Md5-password; description "The user's secret password"; } leaf secret8 { when "../type = 'type8'" { description "../Type = Type8"; } type xr:Type8-password; description "Type 8 password"; } leaf secret9 { when "../type = 'type9'" { description "../Type = Type9"; } type xr:Type9-password; description "Type 9 password"; } leaf secret10 { when "../type = 'type10'" { description "../Type = Type10"; } type xr:Type10-password; description "Type 10 password"; } } // container secret container usergroup-under-usernames { description "Specify the usergroup to which this user belongs"; list usergroup-under-username { key "name"; description "Name of the usergroup"; leaf name { type xr:Cisco-ios-xr-string; description "Name of the usergroup"; } } // list usergroup-under-username } // container usergroup-under-usernames leaf login-history { type Aaa-login-history; description "To display previous login details after login is successful."; } leaf password { type xr:Proprietary-password; description "Specify the password for the user"; } leaf directory { type string { length "1..512"; } description "Specify the directory for the user"; } leaf shell-type { type string { length "1..32"; } description "Specify the shell-type for the user"; } leaf policy { type xr:Cisco-ios-xr-string { length "1..252"; } description "Mention Secret policy for the user"; } leaf ordering-index { type uint32; description "This is used to sort the users in the order of precedence"; } leaf name { type string; description "Username"; } } // list username } // container usernames } augment /a1:aaa { description "This augment extends the configuration data of 'Cisco-IOS-XR-aaa-lib-cfg'"; container taskgroups { description "Specify a taskgroup to inherit from"; list taskgroup { key "name"; description "Taskgroup name"; container taskgroup-under-taskgroups { description "Specify a taskgroup to inherit from"; list taskgroup-under-taskgroup { key "name"; description "Name of the task group to include"; leaf name { type xr:Cisco-ios-xr-string; description "Name of the task group to include"; } } // list taskgroup-under-taskgroup } // container taskgroup-under-taskgroups container tasks { description "Specify task IDs to be part of this group"; list task { key "type task-id"; description "Task ID to be included"; leaf type { type Aaa-locald-task-class; description "This specifies the operation permitted for this task eg: read/write/execute/debug"; } leaf task-id { type Aaa-locald-task-id; description "Task ID to which permission is to be granted (please use class AllTasks to get a list of valid task IDs)"; } } // list task } // container tasks leaf description { type string; description "Description for the task group"; } leaf name { type string; description "Taskgroup name"; } } // list taskgroup } // container taskgroups } augment /a1:aaa { description "This augment extends the configuration data of 'Cisco-IOS-XR-aaa-lib-cfg'"; container usergroups { description "Specify a Usergroup to inherit from"; list usergroup { key "name"; description "Usergroup name"; container taskgroup-under-usergroups { description "Task group associated with this group"; list taskgroup-under-usergroup { key "name"; description "Name of the task group"; leaf name { type xr:Cisco-ios-xr-string; description "Name of the task group"; } } // list taskgroup-under-usergroup } // container taskgroup-under-usergroups container usergroup-under-usergroups { description "User group to be inherited by this group"; list usergroup-under-usergroup { key "name"; description "Name of the user group"; leaf name { type xr:Cisco-ios-xr-string; description "Name of the user group"; } } // list usergroup-under-usergroup } // container usergroup-under-usergroups leaf description { type string; description "Description for the user group"; } leaf name { type string; description "Usergroup name"; } } // list usergroup } // container usergroups } } // module Cisco-IOS-XR-aaa-locald-cfg
© 2023 YumaWorks, Inc. All rights reserved.