diff options
Diffstat (limited to 'static/redfish/v1/JsonSchemas/AccountService/AccountService.json')
| -rw-r--r-- | static/redfish/v1/JsonSchemas/AccountService/AccountService.json | 304 |
1 files changed, 149 insertions, 155 deletions
diff --git a/static/redfish/v1/JsonSchemas/AccountService/AccountService.json b/static/redfish/v1/JsonSchemas/AccountService/AccountService.json index d34bbf418e..487b3f4012 100644 --- a/static/redfish/v1/JsonSchemas/AccountService/AccountService.json +++ b/static/redfish/v1/JsonSchemas/AccountService/AccountService.json @@ -1,8 +1,8 @@ { - "$id": "http://redfish.dmtf.org/schemas/v1/AccountService.v1_4_0.json", + "$id": "http://redfish.dmtf.org/schemas/v1/AccountService.v1_6_0.json", "$ref": "#/definitions/AccountService", "$schema": "http://redfish.dmtf.org/schemas/v1/redfish-schema-v1.json", - "copyright": "Copyright 2014-2018 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright", + "copyright": "Copyright 2014-2019 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright", "definitions": { "AccountProviderTypes": { "enum": [ @@ -12,24 +12,24 @@ "OEM" ], "enumDescriptions": { - "ActiveDirectoryService": "An external Active Directory Service.", - "LDAPService": "A generic external LDAP Service.", - "OEM": "An OEM specific external authentication or directory service.", + "ActiveDirectoryService": "An external Active Directory service.", + "LDAPService": "A generic external LDAP service.", + "OEM": "An OEM-specific external authentication or directory service.", "RedfishService": "An external Redfish Service." }, "enumLongDescriptions": { - "ActiveDirectoryService": "The external account provider shall be a service conforming to the Microsoft Active Directory Technical specification. The format of ServiceAddresses shall be a collection of FQDNs or Netbios names that references the set of domain servers for the Active Directory service.", - "LDAPService": "The external account provider shall be a service conforming to RFC4511. The format of ServiceAddresses shall be a collection of FQDNs that references the set of LDAP servers for the service.", - "RedfishService": "The external account provider shall be a service conforming to the DMTF Redfish specification. The format of ServiceAddresses shall be a collection of URIs which corresponds to a Redfish AccountService entity." + "ActiveDirectoryService": "The external account provider shall be a Microsoft Active Directory Technical Specification-comformant service. The ServiceAddresses format shall contain a set of fully qualified domain names (FQDN) or NetBIOS names that links to the set of domain servers for the Active Directory Service.", + "LDAPService": "The external account provider shall be an RFC4511-conformant service. The ServiceAddresses format shall contain a set of fully qualified domain names (FQDN) that links to the set of LDAP servers for the Service.", + "RedfishService": "The external account provider shall be a DMTF Redfish Specification-comformant service. The ServiceAddresses format shall contain a set of URIs that correspond to a Redfish Account Service." }, "type": "string" }, "AccountService": { "additionalProperties": false, - "description": "The AccountService schema contains properties for managing user accounts. The properties are common to all user accounts, such as password requirements, and control features such as account lockout. The schema also contains links to the collections of Manager Accounts and Roles.", - "longDescription": "This resource shall be used to represent a management account service for a Redfish implementation.", + "description": "The AccountService schema defines an Account Service. The properties are common to, and enable management of, all user accounts. The properties include the password requirements and control features, such as account lockout. The schema also contains links to the manager accounts and roles.", + "longDescription": "This Resource shall represent an Account Service for a Redfish implementation. The properties are common to, and enable management of, all user accounts. The properties include the password requirements and control features, such as account lockout.", "patternProperties": { - "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_.]+$": { + "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { "description": "This property shall specify a valid odata or Redfish property.", "type": [ "array", @@ -44,28 +44,35 @@ }, "properties": { "@odata.context": { - "$ref": "http://redfish.dmtf.org/schemas/v1/odata.v4_0_3.json#/definitions/context" + "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/context" }, "@odata.etag": { - "$ref": "http://redfish.dmtf.org/schemas/v1/odata.v4_0_3.json#/definitions/etag" + "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/etag" }, "@odata.id": { - "$ref": "http://redfish.dmtf.org/schemas/v1/odata.v4_0_3.json#/definitions/id" + "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/id" }, "@odata.type": { - "$ref": "http://redfish.dmtf.org/schemas/v1/odata.v4_0_3.json#/definitions/type" + "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/type" }, "AccountLockoutCounterResetAfter": { - "description": "The interval of time in seconds between the last failed login attempt and reset of the lockout threshold counter. This value must be less than or equal to AccountLockoutDuration. Reset sets the counter to zero.", - "longDescription": "This property shall reference the threshold of time in seconds from the last failed login attempt at which point the AccountLockoutThreshold counter (that counts number of failed login attempts) is reset back to zero (at which point AccountLockoutThreshold failures would be required before the account is locked). This value shall be less than or equal to AccountLockoutDuration. The threshold counter also resets to zero after each successful login.", + "description": "The period of time, in seconds, between the last failed login attempt and the reset of the lockout threshold counter. This value must be less than or equal to the AccountLockoutDuration value. A reset sets the counter to `0`.", + "longDescription": "This property shall contain the period of time, in seconds, from the last failed login attempt when the AccountLockoutThreshold counter, which counts the number of failed login attempts, is reset to `0`. Then, AccountLockoutThreshold failures are required before the account is locked. This value shall be less than or equal to the AccountLockoutDuration value. The threshold counter also resets to `0` after each successful login. If the AccountLockoutCounterResetEnabled value is `false`, this property shall be ignored.", "minimum": 0, "readonly": false, "type": "integer", "units": "s" }, + "AccountLockoutCounterResetEnabled": { + "description": "An indication of whether the threshold counter is reset after AccountLockoutCounterResetAfter expires. If `true`, it is reset. If `false`, only a successful login resets the threshold counter and if the user reaches the AccountLockoutThreshold limit, the account will be locked out indefinitely and only an administrator-issued reset clears the threshold counter. If this property is absent, the default is `true`.", + "longDescription": "This property shall indicate whether the threshold counter is reset after the AccountLockoutCounterResetAfter expires. If `true`, it is reset. If `false`, only a successful login resets the threshold counter and if the user reaches the AccountLockoutThreshold limit, the account shall be locked out indefinitely and only an administrator-issued reset clears the threshold counter. If this property is absent, the default is `true`.", + "readonly": false, + "type": "boolean", + "versionAdded": "v1_5_0" + }, "AccountLockoutDuration": { - "description": "The time in seconds an account is locked out. The value must be greater than or equal to the value of the AccountLockoutCounterResetAfter property. If set to 0, no lockout occurs.", - "longDescription": "This property shall reference the period of time in seconds that an account is locked after the number of failed login attempts reaches the threshold referenced by AccountLockoutThreshold, within the window of time referenced by AccountLockoutCounterResetAfter. The value shall be greater than or equal to the value of AccountLockoutResetAfter. If set to 0, no lockout shall occur.", + "description": "The period of time, in seconds, that an account is locked after the number of failed login attempts reaches the account lockout threshold, within the period between the last failed login attempt and the reset of the lockout threshold counter. If this value is `0`, no lockout will occur. If the AccountLockoutCounterResetEnabled value is `false`, this property is ignored.", + "longDescription": "This property shall contain the period of time, in seconds, that an account is locked after the number of failed login attempts reaches the AccountLockoutThreshold value, within the AccountLockoutCounterResetAfter window of time. The value shall be greater than or equal to the AccountLockoutResetAfter value. If this value is `0`, no lockout shall occur. If AccountLockoutCounterResetEnabled value is `false`, this property shall be ignored.", "minimum": 0, "readonly": false, "type": [ @@ -75,8 +82,8 @@ "units": "s" }, "AccountLockoutThreshold": { - "description": "The number of failed login attempts allowed before a user account is locked for a specified duration. A value of 0 means it is never locked.", - "longDescription": "This property shall reference the threshold of failed login attempts at which point the user's account is locked. If set to 0, no lockout shall ever occur.", + "description": "The number of allowed failed login attempts before a user account is locked for a specified duration. If `0`, the account is never locked.", + "longDescription": "This property shall contain the threshold of failed login attempts before a user account is locked. If `0`, the account shall never be locked.", "minimum": 0, "readonly": false, "type": [ @@ -86,32 +93,32 @@ }, "Accounts": { "$ref": "http://redfish.dmtf.org/schemas/v1/ManagerAccountCollection.json#/definitions/ManagerAccountCollection", - "description": "A link to a collection of Manager Accounts.", - "longDescription": "This property shall contain the link to a collection of type ManagerAccountCollection.", + "description": "The collection of manager accounts.", + "longDescription": "This property shall contain a link to a Resource Collection of type ManagerAccountCollection.", "readonly": true }, "Actions": { "$ref": "#/definitions/Actions", - "description": "The available actions for this resource.", - "longDescription": "The Actions property shall contain the available actions for this resource.", + "description": "The available actions for this Resource.", + "longDescription": "This property shall contain the available actions for this Resource.", "versionAdded": "v1_2_0" }, "ActiveDirectory": { "$ref": "#/definitions/ExternalAccountProvider", - "description": "The first ActiveDirectory external account provider this AccountService supports.", - "longDescription": "This property shall contain the first ActiveDirectory external account provider this AccountService supports. If the AccountService supports 1 or more ActiveDirectory services as an external account provider this entity must be populated by default. This entity shall not be present in the AdditionalExternalAccountProviders collection.", + "description": "The first Active Directory external account provider that this Account Service supports.", + "longDescription": "This property shall contain the first Active Directory external account provider that this Account Service supports. If the Account Service supports one or more Active Directory services as an external account provider, this entity shall be populated by default. This entity shall not be present in the AdditionalExternalAccountProviders Resource Collection.", "versionAdded": "v1_3_0" }, "AdditionalExternalAccountProviders": { "$ref": "http://redfish.dmtf.org/schemas/v1/ExternalAccountProviderCollection.json#/definitions/ExternalAccountProviderCollection", - "description": "The additional external account providers this AccountService is using.", - "longDescription": "This property shall contain an additional external account providers this AccountService is using.", + "description": "The additional external account providers that this Account Service uses.", + "longDescription": "This property shall contain the additional external account providers that this Account Service uses.", "readonly": true, "versionAdded": "v1_3_0" }, "AuthFailureLoggingThreshold": { - "description": "The number of authorization failures allowed before the failure attempt is logged to the manager log.", - "longDescription": "This property shall reference the threshold for when an authorization failure is logged. This represents a modulo function value, thus the failure shall be logged every nth occurrence where n represents the value of this property.", + "description": "The number of authorization failures that are allowed before the failed attempt is logged to the manager log.", + "longDescription": "This property shall contain the threshold for when an authorization failure is logged. This value represents a modulo function. The failure shall be logged every `n`th occurrence, where `n` represents this property.", "minimum": 0, "readonly": false, "type": "integer" @@ -133,27 +140,27 @@ }, "LDAP": { "$ref": "#/definitions/ExternalAccountProvider", - "description": "The first LDAP external account provider this AccountService supports.", - "longDescription": "This property shall contain the first LDAP external account provider this AccountService supports. If the AccountService supports 1 or more LDAP services as an external account provider this entity must be populated by default. This entity shall not be present in the AdditionalExternalAccountProviders collection.", + "description": "The first LDAP external account provider that this Account Service supports.", + "longDescription": "This property shall contain the first LDAP external account provider that this Account Service supports. If the Account Service supports one or more LDAP services as an external account provider, this entity shall be populated by default. This entity shall not be present in the AdditionalExternalAccountProviders Resource Collection.", "versionAdded": "v1_3_0" }, "LocalAccountAuth": { "$ref": "#/definitions/LocalAccountAuth", - "description": "Controls when this service will use the accounts defined withing this AccountService as part of authentication.", - "longDescription": "This property shall govern how the service uses the Accounts collection within this AccountService as part of authentication. Details about each of the modes are found in the description of the enum values.", + "description": "An indication of how the Service uses the accounts collection within this Account Service as part of authentication. The enumerated values describe the details for each mode.", + "longDescription": "This property shall govern how the Service uses the Accounts Resource Collection within this Account Service as part of authentication. The enumerated values describe the details for each mode.", "readonly": false, "versionAdded": "v1_3_0" }, "MaxPasswordLength": { - "description": "The maximum password length for this service.", - "longDescription": "This property shall reference the maximum password length that the implementation will allow a password to be set to.", + "description": "The maximum password length for this Account Service.", + "longDescription": "This property shall contain the maximum password length that the implementation allows for this Account Service.", "minimum": 0, "readonly": true, "type": "integer" }, "MinPasswordLength": { - "description": "The minimum password length for this service.", - "longDescription": "This property shall reference the minimum password length that the implementation will allow a password to be set to.", + "description": "The minimum password length for this Account Service.", + "longDescription": "This property shall contain the minimum password length that the implementation allows for this Account Service.", "minimum": 0, "readonly": true, "type": "integer" @@ -164,25 +171,25 @@ }, "Oem": { "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem", - "description": "This is the manufacturer/provider specific extension moniker used to divide the Oem object into sections.", - "longDescription": "The value of this string shall be of the format for the reserved word *Oem*." + "description": "The OEM extension property.", + "longDescription": "This property shall contain the OEM extensions. All values for properties that this object contains shall conform to the Redfish Specification-described requirements." }, "PrivilegeMap": { "$ref": "http://redfish.dmtf.org/schemas/v1/PrivilegeRegistry.json#/definitions/PrivilegeRegistry", - "description": "A reference to the Privilege mapping that defines the privileges needed to perform a requested operation on a URI associated with this service.", - "longDescription": "The value of this property shall be a link to a resource of type PrivilegeMappoing that defines the privileges a user context needs in order to perform a requested operation on a URI associated with this service.", + "description": "The link to the mapping of the privileges required to complete a requested operation on a URI associated with this Service.", + "longDescription": "This property shall contain a link to a Resource of type PrivilegeMapping that contains the privileges that are required for a user context to complete a requested operation on a URI associated with this Service.", "readonly": true, "versionAdded": "v1_1_0" }, "Roles": { "$ref": "http://redfish.dmtf.org/schemas/v1/RoleCollection.json#/definitions/RoleCollection", - "description": "A link to a collection of Roles.", - "longDescription": "This property shall contain the link to a collection of type RoleCollection.", + "description": "The collection of Redfish Roles.", + "longDescription": "This property shall contain a link to a Resource Collection of type RoleCollection.", "readonly": true }, "ServiceEnabled": { - "description": "Indicates whether this service is enabled. If set to false, the AccountService is disabled. This means no users can be created, deleted or modified. Any service attempting to access the AccountService resource (for example, the Session Service) will fail. New sessions cannot be started when the service is disabled. However, established sessions may still continue operating. This does not affect Basic AUTH connections.", - "longDescription": "The value of this property shall be a boolean indicating whether this service is enabled. If this is set to false, the AccountService is disabled. This means no users can be created, deleted or modified. Any service attempting to access the Account Service, like the Session Service, will fail accessing. Thus new sessions cannot be started with the service disabled (though established sessions may still continue operating). Note: this does not affect Basic AUTH connections.", + "description": "An indication of whether the Account Service is enabled. If `true`, it is enabled. If `false`, it is disabled and users cannot be created, deleted, or modified, and new sessions cannot be started. However, established sessions may still continue to run. Any service, such as the Session Service, that attempts to access the disabled Account Service fails. However, this does not affect HTTP Basic Authentication connections.", + "longDescription": "This property shall indicate whether the Account Service is enabled. If `true`, it is enabled. If `false`, it is disabled and users cannot be created, deleted, or modified, and new sessions cannot be started. However, established sessions may still continue to run. Any service, such as the Session Service, that attempts to access the disabled Account Service fails. However, this does not affect HTTP Basic Authentication connections.", "readonly": false, "type": [ "boolean", @@ -191,8 +198,8 @@ }, "Status": { "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Status", - "description": "This property describes the status and health of the resource and its children.", - "longDescription": "This property shall contain any status or health properties of the resource." + "description": "The status and health of the Resource and its subordinate or dependent Resources.", + "longDescription": "This property shall contain any status or health properties of the Resource." } }, "required": [ @@ -205,10 +212,10 @@ }, "Actions": { "additionalProperties": false, - "description": "The available actions for this resource.", - "longDescription": "This type shall contain the available actions for this resource.", + "description": "The available actions for this Resource.", + "longDescription": "This type shall contain the available actions for this Resource.", "patternProperties": { - "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_.]+$": { + "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { "description": "This property shall specify a valid odata or Redfish property.", "type": [ "array", @@ -224,8 +231,8 @@ "properties": { "Oem": { "$ref": "#/definitions/OemActions", - "description": "This property contains the available OEM specific actions for this resource.", - "longDescription": "This property shall contain any additional OEM actions for this resource.", + "description": "The available OEM-specific actions for this Resource.", + "longDescription": "This property shall contain the available OEM-specific actions for this Resource.", "versionAdded": "v1_2_0" } }, @@ -233,10 +240,10 @@ }, "Authentication": { "additionalProperties": false, - "description": "Contains the authentication information for the external service.", - "longDescription": "This type shall contain all the required information to authenticate to the external service.", + "description": "The information required to authenticate to the external service.", + "longDescription": "This type shall contain the information required to authenticate to the external service.", "patternProperties": { - "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_.]+$": { + "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { "description": "This property shall specify a valid odata or Redfish property.", "type": [ "array", @@ -259,14 +266,14 @@ "type": "null" } ], - "description": "This property contains the type of authentication used to connect to the external account provider.", - "longDescription": "The value of this property shall be the type of authentication used to connect to the external account provider.", + "description": "The type of authentication used to connect to the external account provider.", + "longDescription": "This property shall contain the type of authentication used to connect to the external account provider.", "readonly": false, "versionAdded": "v1_3_0" }, "KerberosKeytab": { - "description": "This property is used with a PATCH or PUT to write a base64 encoded version of the kerberos keytab for the account. This property is null on a GET.", - "longDescription": "The value of this property shall be a base64 encoded version of the kerberos keytab for this account service. The value shall be null for GET requests.", + "description": "The Base64-encoded version of the Kerberos keytab for this Service. A PATCH or PUT operation writes the keytab. This property is `null` in responses.", + "longDescription": "This property shall contain a Base64-encoded version of the Kerberos keytab for this Service. A PATCH or PUT operation writes the keytab. The value shall be `null` in responses.", "readonly": false, "type": [ "string", @@ -276,13 +283,13 @@ }, "Oem": { "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem", - "description": "Oem extension object.", - "longDescription": "This object represents the Oem property. All values for resources described by this schema shall comply to the requirements as described in the Redfish specification.", + "description": "The OEM extension property.", + "longDescription": "This property shall contain the OEM extensions. All values for properties contained in this object shall conform to the Redfish Specification-described requirements.", "versionAdded": "v1_3_0" }, "Password": { - "description": "This property is used with a PATCH or PUT to write the password for the account service. This property is null on a GET.", - "longDescription": "The value of this property shall be the password for this account service. The value shall be null for GET requests.", + "description": "The password for this Service. A PATCH or PUT request writes the password. This property is `null` in responses.", + "longDescription": "This property shall contain the password for this Service. A PATCH or PUT operation writes the password. The value shall be `null` in responses.", "readonly": false, "type": [ "string", @@ -291,8 +298,8 @@ "versionAdded": "v1_3_0" }, "Token": { - "description": "This property is used with a PATCH or PUT to write the token for the account. This property is null on a GET.", - "longDescription": "The value of this property shall be the token for this account service. The value shall be null for GET requests.", + "description": "The token for this Service. A PATCH or PUT operation writes the token. This property is `null` in responses.", + "longDescription": "This property shall contain the token for this Service. A PATCH or PUT operation writes the token. The value shall be `null` in responses.", "readonly": false, "type": [ "string", @@ -301,8 +308,8 @@ "versionAdded": "v1_3_0" }, "Username": { - "description": "This property contains the user name for the account service.", - "longDescription": "The value of this property shall be the user name for this account service.", + "description": "The user name for the Service.", + "longDescription": "This property shall contain the user name for this Service.", "readonly": false, "type": "string", "versionAdded": "v1_3_0" @@ -318,19 +325,19 @@ "OEM" ], "enumDescriptions": { - "KerberosKeytab": "A kerberos keytab.", - "OEM": "An OEM specific authentication mechanism.", + "KerberosKeytab": "A Kerberos keytab.", + "OEM": "An OEM-specific authentication mechanism.", "Token": "An opaque authentication token.", - "UsernameAndPassword": "Username and password combination." + "UsernameAndPassword": "A user name and password combination." }, "type": "string" }, "ExternalAccountProvider": { "additionalProperties": false, - "description": "A remote service that can provide accounts for this manager to utilize for authentication.", - "longDescription": "This type shall be used to represent resources that represent external user account services for this manager.", + "description": "The external account provider services that can provide accounts for this manager to use for authentication.", + "longDescription": "This type shall contain properties that represent external account provider services that can provide accounts for this manager to use for authentication.", "patternProperties": { - "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_.]+$": { + "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { "description": "This property shall specify a valid odata or Redfish property.", "type": [ "array", @@ -353,46 +360,34 @@ "type": "null" } ], - "description": "This property contains the type of external account provider this resource references.", - "longDescription": "The value of this property shall be the type of external account provider referenced by this resource.", + "deprecated": "This property is deprecated because the account provider type is known when used in the LDAP and ActiveDirectory objects.", + "description": "The type of external account provider to which this Service connects.", + "longDescription": "This property shall contain the type of external account provider to which this Service connects.", "readonly": true, - "versionAdded": "v1_3_0" + "versionAdded": "v1_3_0", + "versionDeprecated": "v1_5_0" }, "Authentication": { - "anyOf": [ - { - "$ref": "#/definitions/Authentication" - }, - { - "type": "null" - } - ], - "description": "This property contains the authentication information for the external account provider.", - "longDescription": "The value of this property shall contain the authentication information for the external account provider.", + "$ref": "#/definitions/Authentication", + "description": "The authentication information for the external account provider.", + "longDescription": "This property shall contain the authentication information for the external account provider.", "versionAdded": "v1_3_0" }, "Certificates": { "$ref": "http://redfish.dmtf.org/schemas/v1/CertificateCollection.json#/definitions/CertificateCollection", - "description": "This is a reference to a collection of certificates used for the external account provider.", - "longDescription": "The value of this property shall be a link to a collection of type CertificateCollection.", + "description": "The link to a collection of certificates that the external account provider uses.", + "longDescription": "This property shall contain a link to a Resource Collection of certificates of the CertificateCollection type that the external account provider uses.", "readonly": true, "versionAdded": "v1_4_0" }, "LDAPService": { - "anyOf": [ - { - "$ref": "#/definitions/LDAPService" - }, - { - "type": "null" - } - ], - "description": "This property contains additional mapping information needed to parse a generic LDAP service.", - "longDescription": "The value of this property shall contain any additional mapping information needed to parse a generic LDAP service.", + "$ref": "#/definitions/LDAPService", + "description": "The additional mapping information needed to parse a generic LDAP service.", + "longDescription": "This property shall contain any additional mapping information needed to parse a generic LDAP service. This property should only be present inside the LDAP property.", "versionAdded": "v1_3_0" }, "RemoteRoleMapping": { - "description": "This property contains a collection of the mapping rules to convert the external account providers account information to the local Redfish Role.", + "description": "The mapping rules to convert the external account providers account information to the local Redfish Role.", "items": { "anyOf": [ { @@ -403,26 +398,26 @@ } ] }, - "longDescription": "This property shall contain a collection of the mapping rules to convert the external account providers account information to the local Redfish Role.", + "longDescription": "This property shall contain a set of the mapping rules that are used to convert the external account providers account information to the local Redfish Role.", "type": "array", "versionAdded": "v1_3_0" }, "ServiceAddresses": { - "description": "This property contains the addresses of the user account providers this resource references. The format of this field depends on the Type.", + "description": "The addresses of the user account providers to which this external account provider links. The format of this field depends on the type of external account provider.", "items": { "type": [ "string", "null" ] }, - "longDescription": "The value of this property shall be the addresses of the account providers this resource references. The format of this field depends on the Type of the ExternalAccountProvider. Each item in the array shall contain a single address. Services may define their own behavior for managing multiple addresses.", + "longDescription": "This property shall contain the addresses of the account providers to which this external account provider links. The format of this field depends on the type of external account provider. Each item in the array shall contain a single address. Services may define their own behavior for managing multiple addresses.", "readonly": false, "type": "array", "versionAdded": "v1_3_0" }, "ServiceEnabled": { - "description": "This indicates whether this service is enabled.", - "longDescription": "The value of this property shall be a boolean indicating whether this service is enabled.", + "description": "An indication of whether this service is enabled.", + "longDescription": "This property shall indicate whether this service is enabled.", "readonly": false, "type": [ "boolean", @@ -435,10 +430,10 @@ }, "LDAPSearchSettings": { "additionalProperties": false, - "description": "Contains settings for searching a generic LDAP service.", - "longDescription": "This type shall contain all the required settings for searching a generic LDAP service.", + "description": "The settings to search a generic LDAP service.", + "longDescription": "This type shall contain all required settings to search a generic LDAP service.", "patternProperties": { - "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_.]+$": { + "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { "description": "This property shall specify a valid odata or Redfish property.", "type": [ "array", @@ -453,21 +448,21 @@ }, "properties": { "BaseDistinguishedNames": { - "description": "The base distinguished names to use when searching the LDAP service.", + "description": "The base distinguished names to use to search an external LDAP service.", "items": { "type": [ "string", "null" ] }, - "longDescription": "The value of this property shall be a collection of base distinguished names to use when searching the LDAP service.", + "longDescription": "This property shall contain an array of base distinguished names to use to search an external LDAP service.", "readonly": false, "type": "array", "versionAdded": "v1_3_0" }, "GroupNameAttribute": { - "description": "The attribute name that contains the name of the Group.", - "longDescription": "The value of this property shall be the attribute name that contains the name of the Group.", + "description": "The attribute name that contains the LDAP group name entry.", + "longDescription": "This property shall contain the attribute name that contains the LDAP group name.", "readonly": false, "type": [ "string", @@ -476,8 +471,8 @@ "versionAdded": "v1_3_0" }, "GroupsAttribute": { - "description": "The attribute name that contains the Groups for a user.", - "longDescription": "The value of this property shall be the attribute name that contains the Groups for a user.", + "description": "The attribute name that contains the groups for a user on the LDAP user entry.", + "longDescription": "This property shall contain the attribute name that contains the groups for an LDAP user entry.", "readonly": false, "type": [ "string", @@ -486,8 +481,8 @@ "versionAdded": "v1_3_0" }, "UsernameAttribute": { - "description": "The attribute name that contains the Username.", - "longDescription": "The value of this property shall be the attribute name that contains the Username.", + "description": "The attribute name that contains the LDAP user name entry.", + "longDescription": "This property shall contain the attribute name that contains the LDAP user name.", "readonly": false, "type": [ "string", @@ -500,10 +495,10 @@ }, "LDAPService": { "additionalProperties": false, - "description": "Contains settings for parsing a generic LDAP service.", - "longDescription": "This type shall contain all the required settings for parsing a generic LDAP service.", + "description": "The settings required to parse a generic LDAP service.", + "longDescription": "This type shall contain all required settings to parse a generic LDAP service.", "patternProperties": { - "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_.]+$": { + "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { "description": "This property shall specify a valid odata or Redfish property.", "type": [ "array", @@ -519,21 +514,14 @@ "properties": { "Oem": { "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem", - "description": "Oem extension object.", - "longDescription": "This object represents the Oem property. All values for resources described by this schema shall comply to the requirements as described in the Redfish specification.", + "description": "The OEM extension property.", + "longDescription": "This property shall contain the OEM extensions. All values for properties contained in this object shall conform to the Redfish Specification-described requirements.", "versionAdded": "v1_3_0" }, "SearchSettings": { - "anyOf": [ - { - "$ref": "#/definitions/LDAPSearchSettings" - }, - { - "type": "null" - } - ], - "description": "This property contains the settings needed to search an external LDAP service.", - "longDescription": "The value of this property shall contain the settings needed to search an external LDAP service.", + "$ref": "#/definitions/LDAPSearchSettings", + "description": "The required settings to search an external LDAP service.", + "longDescription": "This property shall contain the required settings to search an external LDAP service.", "versionAdded": "v1_3_0" } }, @@ -543,26 +531,32 @@ "enum": [ "Enabled", "Disabled", - "Fallback" + "Fallback", + "LocalFirst" ], "enumDescriptions": { - "Disabled": "Authentication via accounts defined in this AccountService is disabled.", - "Enabled": "Authentication via accounts defined in this AccountService is enabled.", - "Fallback": "Authentication via accounts defined in this AccountService is only used if there are external account providers that are currently unreachable." + "Disabled": "The service never authenticates users based on the Account Service-defined accounts collection.", + "Enabled": "The service authenticates users based on the Account Service-defined accounts collection.", + "Fallback": "The service authenticates users based on the Account Service-defined accounts collection only if any external account providers are currently unreachable.", + "LocalFirst": "The service first authenticates users based on the Account Service-defined accounts collection. If authentication fails, the Service authenticates by using external account providers." }, "enumLongDescriptions": { - "Disabled": "This value shall be used to indicate that the service will never authenticate users based on the Accounts collection within this AccountService.", - "Enabled": "This value shall be used to indicate that the service will authenticate users based on the Accounts collection within this AccountService.", - "Fallback": "This value shall be used to indicate that the service will authenticate users based on the Accounts collection within this AccountService only if there are external account providers that are currently unreachable." + "Disabled": "The service shall never authenticate users based on the Account Service-defined Accounts Resource Collection.", + "Enabled": "The service shall authenticate users based on the Account Service-defined Accounts Resource Collection.", + "Fallback": "The service shall authenticate users based on the Account Service-defined Accounts Resource Collection only if any external account providers are currently unreachable.", + "LocalFirst": "The service shall first authenticate users based on the Account Service-defined Accounts Resource Collection. If authentication fails, the Service shall authenticate by using external account providers." + }, + "enumVersionAdded": { + "LocalFirst": "v1_6_0" }, "type": "string" }, "OemActions": { "additionalProperties": true, - "description": "The available OEM specific actions for this resource.", - "longDescription": "This type shall contain any additional OEM actions for this resource.", + "description": "The available OEM-specific actions for this Resource.", + "longDescription": "This type shall contain the available OEM-specific actions for this Resource.", "patternProperties": { - "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_.]+$": { + "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { "description": "This property shall specify a valid odata or Redfish property.", "type": [ "array", @@ -580,10 +574,10 @@ }, "RoleMapping": { "additionalProperties": false, - "description": "Contains mapping rules to convert the external account providers account information to the local Redfish Role.", - "longDescription": "This type shall contain mapping rules to convert the external account providers account information to the local Redfish Role.", + "description": "The mapping rules that are used to convert the external account providers account information to the local Redfish Role.", + "longDescription": "This type shall contain mapping rules that are used to convert the external account providers account information to the local Redfish Role.", "patternProperties": { - "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_.]+$": { + "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { "description": "This property shall specify a valid odata or Redfish property.", "type": [ "array", @@ -598,8 +592,8 @@ }, "properties": { "LocalRole": { - "description": "The name of the local role in which to map the remote user or group.", - "longDescription": "The value of this property shall contain the value of the RoleId property within a Role resource on this Redfish service in which to map the remote user or group.", + "description": "The name of the local Redfish Role to which to map the remote user or group.", + "longDescription": "This property shall contain the RoleId property value within a Role Resource on this Redfish Service to which to map the remote user or group.", "readonly": false, "type": [ "string", @@ -609,13 +603,13 @@ }, "Oem": { "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem", - "description": "Oem extension object.", - "longDescription": "This object represents the Oem property. All values for resources described by this schema shall comply to the requirements as described in the Redfish specification.", + "description": "The OEM extension property.", + "longDescription": "This property shall contain the OEM extensions. All values for properties contained in this object shall conform to the Redfish Specification-described requirements.", "versionAdded": "v1_3_0" }, "RemoteGroup": { - "description": "This property is the name of the remote group (or in the case of a Redfish Service, remote role) that will be mapped to the local role referenced by this entity.", - "longDescription": "The value of this property shall contain the name of the remote group (or in the case of a Redfish Service, remote role) that will be mapped to the local role referenced by this entity.", + "description": "The name of the remote group, or the remote role in the case of a Redfish Service, that maps to the local Redfish Role to which this entity links.", + "longDescription": "This property shall contain the name of the remote group, or the remote role in the case of a Redfish Service, that maps to the local Redfish Role to which this entity links.", "readonly": false, "type": [ "string", @@ -624,8 +618,8 @@ "versionAdded": "v1_3_0" }, "RemoteUser": { - "description": "This property is the name of the remote user that will be mapped to the local role referenced by this entity.", - "longDescription": "The value of this property shall contain the name of the remote user that will be mapped to the local role referenced by this entity.", + "description": "The name of the remote user that maps to the local Redfish Role to which this entity links.", + "longDescription": "This property shall contain the name of the remote user that maps to the local Redfish Role to which this entity links.", "readonly": false, "type": [ "string", @@ -638,6 +632,6 @@ } }, "owningEntity": "DMTF", - "release": "2018.3", - "title": "#AccountService.v1_4_0.AccountService" + "release": "2019.2", + "title": "#AccountService.v1_6_0.AccountService" }
\ No newline at end of file |