HP 232664-006 manual 190

Remarks

If this attribute is TRUE, then IP restrictions will be satisfied

for unexceptional network clients. If this attribute is FALSE,

then IP restrictions will be unsatisfied for unexceptional

network clients.

OID

1.3.6.1.4.1.232.1001.1.1.2.5

Description

Provides a list of IP addresses, DNS names, domain,

address ranges, and subnets which partially specify right

restrictions under an IP network address constraint.

Syntax

Octet String—1.3.6.1.4.1.1466.115.121.1.40

Options

Multi Valued

Remarks

This attribute is only used on role objects.

IP restrictions are satisfied when the address matches and

general access is denied, and unsatisfied when the

address matches and general access is allowed.

Values are an identifier byte followed by a type-specific

number of bytes specifying a network address.

• For IP subnets, the identifier is <0x01>, followed by

the IP network address in network order, followed by

the IP network subnet mask in network order. For

example, the IP subnet 127.0.0.1/255.0.0.0 would

be represented as <0x01 0x7F 0x00 0x00 0x01 0xFF

0x00 0x00 0x00>. For IP ranges, the identifier is

<0x02>, followed by the lower bound IP address,

followed by the upper bound IP address. Both are

inclusive and in network order, for example the IP

range 10.0.0.1 to 10.0.10.255 would be represented

as <0x02 0x0A 0x00 0x00 0x01 0x0A 0x00 0x0A

0xFF>

• For DNS names or domains, the identifier is <0x03>,

followed by the ASCII encoded DNS name. DNS

names can be prefixed with a * (ASCII 0x2A), to

indicate they should match all names which end with

the specified string, for example the DNS domain

*.acme.com is represented as <0x03 0x2A 0x2E

0x61 0x63 0x6D 0x65 0x2E 0x63 0x6F 0x6D>.

General access is allowed.

OID

1.3.6.1.4.1.232.1001.1.1.2.6

Description

A seven day time grid, with 30-minute resolution, which

specifies rights restrictions under a time constraint.

Syntax

Octet String {42}—1.3.6.1.4.1.1466.115.121.1.40

Options

Single Valued