Re: [netmod] Last Call: draft-ietf-netmod-snmp-cfg-03 (20131220)

["Randy Presuhn" <randy_presuhn@mindspring.com>]

Hi -

> From: "Juergen Schoenwaelder" <j.schoenwaelder@jacobs-university.de>
> To: "Randy Presuhn" <randy_presuhn@mindspring.com>
> Cc: <netmod@ietf.org>
> Sent: Thursday, January 16, 2014 11:01 PM
> Subject: Re: [netmod] Last Call: draft-ietf-netmod-snmp-cfg-03 (20131220)
>

> On Thu, Jan 16, 2014 at 04:04:26PM -0800, Randy Presuhn wrote:
> > Hi -
> > 
> > >From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
> > >Sent: Jan 16, 2014 3:21 AM
> > >To: Randy Presuhn <randy_presuhn@mindspring.com>
> > >Cc: netmod@ietf.org
> > >Subject: Re: [netmod] Last Call: draft-ietf-netmod-snmp-cfg-03 (20131220)
> > >
> > >On Thu, Jan 09, 2014 at 04:45:30PM -0800, Randy Presuhn wrote:
> > >> Hi -
> > >> >
> > >> >But you can't delete vacmGroupName.3.3.b.o.b with SNMP either.
> > >> 
> > >> Yes you can, but that's irrelevant. 
> > >
> > >I do wonder how though (even though it might be irrelevant).
> > 
> > Setting vacmSecurityToGroupStatus.3.3.b.o.b to 'destroy'
> > will get rid of the reference,
> > setting vacmAccessStatus.3.bob.* will get rid of the group.
> 
> In other words, you have to delete and re-create the user in order to
> set him to no group (or you have to set the group to a magic value
> that does not match anything to mean no group).

No "magic value" required.  If there are no corresponding entries in
vacmAccessTable, then there's a reference but no group, from a
data model perspective if not from the quirkily-defined ASI.  Likewise,
setting vacmAccessStatus.3.bob.* to 'destroy' will get rid of the group

Randy