The following is a description of the elements, types, and attributes that compose the SharePoint specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here. The SharePoint Component Schema is based on the SharePoint Object Model (Windows SharePoint Services 3.0) The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org. SharePoint Definition 5.11.1:1.1 11/30/2016 09:00:00 AM Copyright (c) 2016, Center for Internet Security. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included. The spwebapplication test is used to check the properties or permission settings of a SharePoint web application. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a spwebapplication_object and the optional state element specifies the data to check. spwebapplication_test spwebapplication_object spwebapplication_state spwebapplication_item - the object child element of a spwebapplication_test must reference an spwebapplication_object - the state child element of a spwebapplication_test must reference an spwebapplication_state The spwebapplication_object element is used by a spwebapplication test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spwebapplication object consists of a webapplicationurl used to define a specific web application. See the defintion of the SPWebApplication class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The webapplicationurl element defines the SPWebApplication to evaluate specific security settings or permissions. The spwebapplication_state element defines security settings and permissions that can be checked for a specified SPWebApplications. The webapplicationurl element identifies a Web application. If the allowparttopartcommunication is enabled it allows users to create connections between Web parts. If the allowaccesstowebpartcatalog is enabled it allows users access to the online Web part gallery. The blockedfileextention element identifies one or more file extensions that should be blocked from the deployment. The defaultquotatemplate element identifies the default quota template set for the web application. If the externalworkflowparticipantsenabled is enabled then users are allowed to participate in workflows. If the recyclebinenabled is enabled it will be easy to restore deleted files. If the automaticallydeleteunusedsitecollections is disabled, sites will not be automatically deleted. If the selfservicesitecreationenabled is enabled users will be allowed to create and manager their own top-level Web sites . The secondstagerecyclebinquota is the quota for the second stage recyle bin The recyclebinretentionperiod is the retention period for the recyle bin The outboundmailserverinstance element identifies the string name of the SMPT server. Note that there is a small naming inconsistency here. The SharePoint SDK calls this 'outboundmailserviceinstance'. The outboundmailsenderaddress element identifies the address that the mail is being send from. The outboundmailreplytoaddress element identifies the address that the mail should be replied to. If the secvalexpires is enabled then the form will expire after the security validation time (timeout) . The timeout is the amount of time before security validation expires in seconds. If this is true, the web application to which this test refers is the Central Administration web application. The applicationpoolname element identifies the web applications application pool name. The applicationpoolusername element identifies the web applications application pool username. If the openitems is enabled the permission to view the source of documents with server-side file handlers is available to use for this web application.. If the addlistitems is enabled the permission to add items to lists, add documents to document libraries, and add Web discussion comments is available to use for this Web application. If approveitems is enabled the permission to approve a minor version of a list item or document is available to use for this the Web application. If the deletelistitems is enabled the permission to delete items from a list, documents from a document library, and Web discussion comments in documents is available to use for this Web application. If the deleteversions is enabled the permission to delete past versions of a list item or document is available to use for this Web application. If the editlistitems is enabled the permission to edit items in lists, edit documents in document libraries, edit Web discussion comments in documents, and customize Web Part Pages in document libraries is available to use for this Web application. If the managelists is enabled the permission to create and delete lists, add or remove columns in a list, and add or remove public views of a list is available to use for this the Web application. If the viewversions is enabled the permission to view past versions of a list item or document is available to use for this Web application. If the viewlistitems is enabled the permission to view items in lists, documents in document libraries, and view Web discussion commentsis available is available to use for this Web application. If the cancelcheckout is enabled the permission to discard or check in a document which is checked out to another user is available to use for this the Web application. If the createalerts is enabled the permission to Create e-mail alerts is available to use for this Web application. If the viewformpages is enabled the permission to view forms, views, and application pages, and enumerate lists is available to use for this Web application. If the viewpages is enabled the permission to view pages in a Web site is available to use for this Web application. If addandcustomizepages is enabled the permission to add, change, or delete HTML pages or Web Part Pages, and edit the Web site using a Windows SharePoint Services–compatible editor is available to use for this Web application. If the applystylesheets is enabled the permission to Apply a style sheet (.css file) to the Web site is available to use for this Web application. If the applythemeanborder is enabled the permission to apply a theme or borders to the entire Web site is available to use for this Web application. If the browsedirectories is enabled the permission to enumerate files and folders in a Web site using Microsoft Office SharePoint Designer and WebDAV interfaces is available to use for this Web application. If the browseuserinfo is enabled the permission to view information about users of the Web site is available to use for this Web application. If the creategroups is enabled the permission to create a group of users that can be used anywhere within the site collection is available to use for this Web application. If the createsscsite is enabled the permission to create a Web site using Self-Service Site Creation is available to use for this Web application. If the editmyuserinfo is enabled the permission to allows a user to change his or her user information, such as adding a picture is available to use for this Web application. If enumeratepermissions is enabled the permission to enumerate permissions on the Web site, list, folder, document, or list itemis is available to use for this Web application. If the managealerts is enabled the permission to manage alerts for all users of the Web site is available to use for this Web application. If the managepermissions is enabled the permission to create and change permission levels on the Web site and assign permissions to users and groups is available to use for this Web application. If the managesubwebs is enabled the permission to create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites is available to use for this Web application. If the manageweb is enabled the permission to perform all administration tasks for the Web site as well as manage content is available to use for this Web application. If open is enabled the permission to allow users to open a Web site, list, or folder to access items inside that containeris available to use for this Web application. If the useclientintegration is enabled the permission to use features that launch client applications; otherwise, users must work on documents locally and upload changesis is available to use for this Web application. If the useremoteapis is enabled the permission to use SOAP, WebDAV, or Microsoft Office SharePoint Designer interfaces to access the Web siteis available to use for this Web application. If the viewusagedata is enabled the permission to view reports on Web site usage in documents is available to use for this Web application. If the managepersonalviews is enabled the permission to Create, change, and delete personal views of lists is available to use for this Web application. If the adddelprivatewebparts is enabled the permission to add or remove personal Web Parts on a Web Part Page is available to use for this Web application. If the updatepersonalwebparts is enabled the permission to update Web Parts to display personalized informationis available to use for this Web application. The spgroup test is used to check the group properties for site collections. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an spwebapplication_object and the optional state element specifies the data to check. spgroup_test spgroup_object spgroup_state spgroup_item - the object child element of a spgroup_test must reference a spgroup_object - the state child element of a spgroup_test must reference a spgroup_state The spgroup_object element is used by a spgroup test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spgroup object consists of a sitecollectionurl used to define a specific site collection. See the defintion of the SPGroup class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The sitecollectionurl element defines the Site Colection to evaluate specific group settings. The spgroup_state element defines settings for groups in a site collections. The sitecollectionurl element identifies a Site Collection. The name element identifies a Group name. If the autoacceptrequesttojoinleave is enabled it allows users to automatically join groups. If the allowmemberseditmembership is enabled than all group memebers will be allowed to edit the membership of a group.. If the onlyallowmembersviewmembership is enabled it allows users to automatically join groups. The spweb test is used to check the properties for site collections. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an spwebapplication_object and the optional state element specifies the data to check. See https://msdn.microsoft.com/en-us/library/ms473633.aspx for more information. spweb_test spweb_object spweb_state spweb_item - the object child element of a spweb_test must reference an spweb_object - the state child element of a spweb_test must reference an spweb_state The spweb_object element is used by a spweb test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spweb object consists of a webcollection url and sitecollection url used to define a specific web apoplication and a specific site collection. See the defintion of the SPWeb class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. Specifies a web site (this is the SPWeb object we want). Specifies a site collection. The spweb_state element defines settings for a site collection. The webcollectionurl specifies a web site (the SPWeb object). The sitecollectionurl element specifies a site collection. The secondarysitecolladmin element identifies a secondary site collection admin. A boolean that represents if the secondarysitecolladmin is enabled. If the allowanonymousaccess is enabled users will be allowed to create and manager their own top-level Web sites . The splist test is used to check the properties of lists associated with a SharePoint site or site collection. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an splist_object and the optional state element specifies the data to check. splist_test splist_object splist_state splist_item - the object child element of a splist_test must reference an splist_object - the state child element of a splist_test must reference an splist_state The splist_object element is used by a splist test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An splist object consists of a spsiteurl used to define a specific site in a site collection that various security related configuration items need to be checked. See the defintion of the SPList class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The spsiteurl element defines the Sharepoint website being specified ... The splist_state element defines the different information that can be used to evaluate the specified Sharepoint sites.... The spsiteurl element identifies an Sharepoint site to test for. If the irmenabled option is enabled, documents are protected whenever they leave the control of the Sharepoint system. If the enableversioning option is enabled, backup copies of documents are kept and managed by the Sharepoint system. If the nocrawl option is enabled, the site is excluded from crawls that Sharepoint does when it indexes sites. The spantivirussettings test is used to check the settings for antivirus software associated with a SharePoint deployment. spantivirussettings_test spantivirussettings_object spantivirussettings_state spantivirussettings_item - the object child element of a spantivirussettings_test must reference an spantivirussettings_object - the state child element of a spantivirussettings_test must reference an spantivirussettings_state The spantivirussettings_object element is used by a spantivirussettings test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spantivirussettings object consists of a spwebservicename used to define a specific webservice in a farm that various security related configuration items need to be checked and an spfarmname which denotes the farm of which the spwebservice is a part. See the defintion of the SPAntiVirusSettings class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The spwebservicename element denotes the web service for which antivirus settings will be checked. The spfarmname element denotes the farm on which a web service to be queried resides. The spantivirus_state element defines the different information that can be used to evaluate the specified Sharepoint sites.... The spwebservicename denotes the name of a SharePoint web service to be tested or * (the default) to test all web services. The spfarmname denotes the name of the farm on which the Sharepoint webservice resides or the local farm (default). Specifies whether infected documents can be downloaded on the SharePoint system. Specifies whether the virus scanner should attempt to cure files that are infected. Specifies whetehr files are scanned for viruses when they are downloaded. The number of threads that the antivirus scanner can use to scan documents for viruses. Specifies whether to skip scanning for viruses during a search crawl. Denotes the amount of time before the virus scanner times out in seconds. Specifies whether files are scanned when they are uploaded. Denotes the current increment of the number of times the vendor has been updated. The spsiteadministration test is used to check the properties of a site. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an spwebapplication_object and the optional state element specifies the data to check. spsiteadministration_test spsiteadministration_object spsiteadministration_state spsiteadministration_item - the object child element of a spsiteadministration_test must reference an spsiteadministration_object - the state child element of a spsiteadministration_test must reference an spsiteadministration_state The spsiteadministration_object element is used by a spsiteadministration test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spsiteadministration object consists of a webapplicationurl used to define a specific web application. The collected data is available via the SPQuota class, which can be found via the SPSite object. See the defintions of the SPSite and the SPQuota classes in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The sitecollectionurl element defines the site to evaluate. The spspsiteadministration_state element defines security settings and permissions that can be checked for a specified SPSite. The sitecollectionurl element identifies a site. The storagemaxlevel is the maximum storage allowed for the site. When the storagewarninglevel is reached a site collection receive advance notice before available storage is expended.s. The spsite test is used to check the properties of a site. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an spwebapplication_object and the optional state element specifies the data to check. spsite_test spsite_object spsite_state spsite_item - the object child element of a spsite_test must reference an spsite_object - the state child element of a spsite_test must reference an spsite_state The spsite_object element is used by a spsiteadministration test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spsite object consists of a sitecollectionurl used to define a specific web application. See the defintion of the SPSite class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The sitecollectionurl element defines the site to evaluate. The spsite_state element defines security settings and permissions that can be checked for a specified SPSite. The sitecollectionurl element identifies a site. The quota name is the name of quota template for a site collection. The URL is the full URL to the root Web site of the site collection, including host name, port number, and path. 5.10 The 'url' entity has been deprecated as it has been identified as redundant since the 'sitecollectionurl' is the same URL. See the defintion of the SPSite class in the SharePoint object model documentation. DEPRECATED ENTITY IN: sp-def:spsite_state The spcrawlrule test is used to check the configuration or rules associated with the SharePoint system's built-in indexer and the sites or documents that will be indexed. spcrawlrule_test spcrawlrule_object spcrawlrule_state spcrawlrule_item - the object child element of a spcrawlrule_test must reference an spcrawlrule_object - the state child element of a spcrawlrule_test must reference an spcrawlrule_state The spcrawlrule_object element is used by a spcrawlrule test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spcrawlrule object consists of a spsiteurl used to define a specific resource (eg. website or document) on a server that can be indexed by the SharePoint indexer. See the defintion of the CrawlRule class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The spsiteurl element denotes the resource on the SharePoint server (eg. a site or document) for which indexing settings will be checked. The spcrawlrule state element defines the various properties of the SharePoint indexer that can be checked. The spsiteurl denotes the URL of a website or resource whose indexing properties should be tested. Specifies whether the crawler should crawl content from a hierarchical content source, such as HTTP content. Specifies whether a particular crawl rule is enabled. Specifies whether the indexer should crawl websites that contain the question mark (?) character. The path to which a particular crawl rule applies. The priority setting for a particular crawl rule. Specifies whether the crawler should exclude the content of items that this rule applies to from the content index. A string containing the account name for the crawl rule. The spjobdefinition test is used to check the status of the various properties associated with scheduled jobs in the SharePoint system. spjobdefinition_test spjobdefinition_object spjobdefinition_state spjobdefinition_item 5.10 Replaced by the spjobdefinition510_test. This test does not uniquely identify a single job definition. A new test was created to use displaynames, which are unique. See the spjobdefinition510_test. This test has been deprecated and will be removed in version 6.0 of the language. DEPRECATED TEST: ID: - the object child element of a spjobdefinition_test must reference an spjobdefinition_object - the state child element of a spjobdefinition_test must reference an spjobdefinition_state The spjobdefinition_object element is used by a spjobdefinition test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spjobdefinition_object consists of a webappuri used to define a specific web application for which job checks should be done. See the defintion of the SPJobDefinition class in the SharePoint object model documentation. 5.10 Replaced by the spjobdefinition510_object. This test does not uniquely identify a single job definition. A new object was created to use displaynames, which are unique. See the spjobdefinition510_object. This test has been deprecated and will be removed in version 6.0 of the language. DEPRECATED TEST: ID: State referenced in filter for '' is of the wrong type. The URI that represents the web application for which jobs should be checked. The various properties of a Sharepoint job that can be checked. 5.10 Replaced by the spjobdefinition510_state. This state does not uniquely identify a single job definition. A new state was created to use displaynames, which are unique. See the spjobdefinition510_state. This test has been deprecated and will be removed in version 6.0 of the language. DEPRECATED TEST: ID: The URI that represents the web application for which jobs should be checked. The name of the job as displayed in the SharePoint Central Administration site. Determines whether or not the job definition is enabled. Determines whether the job definition should be retried if it ends abnormally. The title of a job as displayed in the SharePoint Central Administration site. The spjobdefinition test is used to check the status of the various properties associated with scheduled jobs in the SharePoint system. spjobdefinition510_test spjobdefinition510_object spjobdefinition510_state spjobdefinition510_item - the object child element of a spjobdefinition510_test must reference an spjobdefinition510_object - the state child element of a spjobdefinition510_test must reference an spjobdefinition510_state The spjobdefinition510_object element is used by a spjobdefinition test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spjobdefinition510_object consists of a webappuri and displayname used to define a specific web application for which job checks should be done. See the defintion of the SPJobDefinition class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The URI that represents the web application for which jobs should be checked. The name of the job as displayed in the SharePoint Central Administration site. The various properties of a Sharepoint job that can be checked. The URI that represents the web application for which jobs should be checked. The name of the job as displayed in the SharePoint Central Administration site. Determines whether or not the job definition is enabled. Determines whether the job definition should be retried if it ends abnormally. The title of a job as displayed in the SharePoint Central Administration site. The bestbet test is used to get all the best bets associated with a site. bestbet_test bestbet_object bestbet_state bestbet_item - the object child element of a bestbet_test must reference an bestbet_object - the state child element of a bestbet_test must reference an bestbet_state The bestbet_object element is used by a bestbet test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An bestbet object consists of a sitecollectionurl used to define a specific site and a bestbeturl used to define a specific best bet. See the defintion of the BestBet class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The URL that represents the site collection. The URL that represents the best bet. The various properties of a Best Bet that can be checked. The URL that represents the site collection. The name of the job as displayed in the SharePoint Central Administration site. The title of a best bet. Thedescription of a best bet.. The policycoll test is used to get all the Information Policies associated with a site. infopolicycoll_test infopolicycoll_object infopolicycoll_state infopolicycoll_item - the object child element of a policycoll_test must reference an policycoll_object - the state child element of a policycoll_test must reference an policycoll_state The infopolicycoll_object element is used by a policycoll test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. A infopolicycoll object consists of a sitecollectionurl used to define a specific site and an id used to define a specific information policy. See the defintion of the Policy class and policycollection class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The URL that represents the site collection. The id that represents the Information Policy. The various properties of the Information Policy that can be checked. The URL that represents the site collection. The id of the Information Policy. The name of the Information Policy. The description of an Information Policy.. The long description of an Information Policy.. The spdiagnosticsservice test is used to check the diagnostic properties associated with a Sharepoint system. spdiagnosticsservice_test spdiagnosticsservice_object spdiagnosticsservice_state spdiagnosticsservice_item - the object child element of an spdiagnosticsservice_test must reference an spdiagnosticsservice_object - the state child element of an spdiagnosticsservice_test must reference an spdiagnosticsservice_state The spdiagnosticsservice_object element is used by an spdiagnosticsservice test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spdiagnosticsservice object consists of a farmname used to define a specific Sharepoint farm for which diagnostics properties should be checked. See the defintion of the SPDiagnosticsService class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The farm whose diagnostic capabilities should be checked. Use .* for all farms or SPFarm.Local for the local farm. The various properties of a diagnostics service that can be checked. The farm whose diagnostic capabilities should be checked. The name of the diagnostic service as shown in the Sharepoint Central Administration site. The number of minutes to capture events to a single log file. This value lies in the range 0 to 1440. The default value is 30. The path to the file system directory where log files are created and stored. The value that indicates the number of log files to create. This lies in the range 0 to 1024 with a default of 96. The required property specifies whether an instance of the spdiagnosticsservice must be running on the farm. The friendly name for the service as displayed in the Central Administration and in logs. This should be "Windows Sharepoint Diagnostics Service" by default. The spdiagnosticslevel_test is used to check the status of the logging features associated with a Sharepoint deployment. spdiagnosticslevel_test spdiagnosticslevel_object spdiagnosticslevel_state spdiagnosticslevel_item - the object child element of an spdiagnosticslevel_test must reference an spdiagnosticslevel_object - the state child element of an spdiagnosticslevel_test must reference an spdiagnosticslevel_state The spdiagnosticslevel_object element is used by an spdiagnosticslevel test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An spdiagnosticslevel object consists of a farmname used to define a specific Sharepoint farm for which policy properties should be checked. See the defintion of the SPWebApplication class in the SharePoint object model documentation. See the defintion of the IDiagnosticsLevel Interface in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The farm whose diagnostics levels should be checked. Use .* for all farms or SPFarm.Local for the local farm. The various properties of a Diagnostics level that can be checked. The name of the farm for which diagnostics level properties should be checked. The event severity setting for a particular diagnostic level category. Specifies whether the trace log category is hidden in the Windows Sharepoint Services Central Administration interface. A string that represents the ID of the trace log category. This is its English language name. The name of the trace log category. This represents the localized name for the category. The trace severity setting for a particular diagnostic level category. The sppolicyfeature test enables one to check the attributes associated with policies and policy features on the Sharepoint deployment. sppolicyfeature_test sppolicyfeature_object sppolicyfeature_state sppolicyfeature_item - the object child element of an sppolicyfeature_test must reference an sppolicyfeature_object - the state child element of an sppolicyfeature_test must reference an sppolicyfeature_state The sppolicyfeature_object element is used by an sppolicyfeature test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An sppolicyfeature object consists of a farmname used to define a specific Sharepoint farm for which policy feature properties should be checked. See the defintion of the PolicyFeature class in the SharePoint object model documentation. State referenced in filter for '' is of the wrong type. The farm whose policy features should be checked. Use .* for all farms or SPFarm.Local for the local farm. The various properties of a policy feature that can be checked. The farm whose policy features should be checked. Use .* for all farms or SPFarm.Local for the local farm. The URL to a web control used to edit policy instance-level settings. The default values for any policy instance-level settings for a policy feature. The short description of the policy feature and of the service it provides. The URL to a web control used to edit server farm-level settings for this policy feature. The default settings for any server farm-level settings for this policy feature. The policy feature group to which a policy feature belongs. The name to display in the Microsoft Office Sharepoint Server 2007 interface for an information policy feature. The name of the creator of the policy feature as it is displayed in the Microsoft Office Sharepoint Server 2007 user interface. Specifies whether the policy feature is hidden or visible. The sppolicy test enables one to check the attributes of the policies associated with a particular URL Zone in a Sharepoint system. sppolicy_test sppolicy_object sppolicy_state sppolicy_item - the object child element of an sppolicy_test must reference an sppolicy_object - the state child element of an sppolicy_test must reference an sppolicy_state The sppolicy_object element is used by an sppolicy test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An sppolicy object consists of a webappuri and a URL Zone used to define a specific Sharepoint web application and zone for which policy properties should be checked. See the defintion of the SPPolicy class and the sppolicyroletype in the SharePoint object model documentation. The URI that represents the web application for which policies should be checked. The zone for which policies should be checked. The various properties of a policy that can be checked. The URI that represents the web application for which policies should be checked. The zone for which policies should be checked. The user or group display name for a policy. This defaults to the user name if the display name cannot be resolved through Active Directory. Specifies whether the user identified by a particular policy is visible only as a System account within the Windows Sharepoint Services user interface. The user name of the user or group that is associated with policy. The policy role type to apply globally in a Sharepoint web application to a user or group. The EntityObjectUrlZoneType restricts a string value to a set of values that describe the different IIS Url Zones. The empty string is also allowed to support empty element associated with error conditions. The empty string value is permitted here to allow for empty elements associated with variable references. The EntityStateEventSeverityType restricts a string value to a set of values that describe the different states that can be configured for a diagnostics level event severity level property of the diagnostics service. The empty string value is permitted here to allow for empty elements associated with variable references. The EntityStateTraceSeverityType restricts a string value to a set of values that describe the different states that can be configured for a diagnostics level trace severity level property of the diagnostics service. The empty string value is permitted here to allow for empty elements associated with variable references. The EntityStatePolicyRoleType restricts a string value to a set of values that describe the different Policy settings for Access Control that are available for users. Deny all rights. Deny write permissions. Grant full control. Grant full read permissions. No role type assigned. The empty string value is permitted here to allow for empty elements associated with variable references. The EntityStatePolicyRoleType restricts a string value to a set of values that describe the different policy feature states that can be configured for a policy feature. Specifies that the policy feature is hidden from the Sharepoint Central Administration user interface. Specifies that the policy feature is visible from the Sharepoint Central Administration user interface. The empty string value is permitted here to allow for empty elements associated with variable references. The EntityStateUrlZoneType restricts a string value to a set of values that describe the different IIS Url Zones. The empty string value is permitted here to allow for empty elements associated with variable references.